8,006 views
9 votes
9 votes

Which of the following statements is NOT correct about HTTP cookies?

  1. A cookie is a piece of code that has the potential to compromise the security of an Internet user
  2. A cookie gains entry to the user's  work area through an HTTP header
  3. A cookie has an expiry date and time
  4. Cookies can be used to track the browsing pattern of a user at a particular site

5 Answers

Best answer
8 votes
8 votes

Answer is A. 

See this : http://stackoverflow.com/questions/3467114/how-are-cookies-passed-in-the-http-protocol

Moreover, cookies are just strings not code. Refer Tanenbaum .

selected by
4 votes
4 votes

Cookie is a file (at most 4KB) or a string. It is criticised because it can arguably violate privacy — not compromise the security of the user (We have to be technical here).

Cookie is just data. Not an executable program, hence it can't compromise security.

Option A is incorrect (Answer)


Cookies are passed via HTTP headers, in both the cases (when client contacts server, and when server contacts the client)

Option B is correct.


Cookies may contain up to 5 fields that have information about

  1. Domain
  2. Path
  3. Content
  4. Expiry
  5. If the browser would return the cookie to only a secure server.

Option C is correct.


The primary functionality of cookies is to track the user's browsing pattern, so as to customize their viewing experience. Option D is correct.


Additional information

The data of the cookies is only meant for the server. It is never revealed to the browser/user.

Cookie is something that the server creates, and only the server eats. (Line taken from Forouzan)

 

Tannenbaum, page 481.

edited by
0 votes
0 votes
Answer Is A

 

A cookie is a piece of code that has the potential to compromise the security of an Internet user

Its Not A Piece Of Code
0 votes
0 votes
An HTTP cookie (also called web cookie, Internet cookie, browser cookie, or simply cookie) is a small piece of data sent from a website and stored on the user's computer by the user's web browser while the user is browsing. Cookies are not piece of code, they are just strings typically in the form of key value pairs.
Answer:

Related questions