- A cookie is a piece of code that has the potential to compromise the security of an Internet user
- A cookie gains entry to the user's work area through an HTTP header
- A cookie has an expiry date and time
- Cookies can be used to track the browsing pattern of a user at a particular site
Option B is correct.
Cookies are passed as HTTP headers, both in the request (client -> server), and in the response (server -> client).
The server sends the following in its response header to set a cookie field.
If there is a cookie set, then the browser sends the following in its request header.
Option C is correct
When the cookies are passed, we can set various things like the name, the expiry date and time, and the path that leads to the destination on where it'll be stored in the client.
Option D is correct.
That's the function of cookies
Which leaves us with option A. Why is option A incorrect?
First, cookies are text-only strings. Not a piece of code.
Second, they compromise arguably the privacy of the user, and not the security.
Hence, Option A is the answer.