Binding
E.g. Handle=grewe
Typical Uses of Cookies
Problems with Cookies
Secure Cookies
Cookies have a secure flag, indicating that the cookie should only be sent over a secure channel. The rationale is as follows: suppose we set a session ID cookie in response to the user logging in over a secure connection. Since the session ID is what "represents" the user name and password to the server, we don't want that session ID ever to be sent over an insecure connection, where it would be vulnerable to eavesdropping. Setting the secure flag asks the client never to send that cookie over an insecure connection. In theory, "secure" and "insecure" are left to the interpretation of individual clients, but in practice "secure" means "HTTPS connection".
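The servlet below is an added example, not code from the original page. It issues the session ID cookie with the secure flag set and, on later requests, accepts it only when it arrived over HTTPS. The class name, cookie name and in-memory session map are hypothetical, and it assumes the `javax.servlet` API (Servlet 3.0 or later) with container-managed authentication supplying `getRemoteUser()`.

```java
import java.io.IOException;
import java.security.SecureRandom;
import java.util.Base64;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

// Added example; class name, cookie name and session map are hypothetical.
public class SecureSessionServlet extends HttpServlet {
    private static final String COOKIE_NAME = "SESSION_ID";
    private static final SecureRandom RANDOM = new SecureRandom();
    private final Map<String, String> sessions = new ConcurrentHashMap<>();

    @Override // Login: issue the session ID cookie, but only over HTTPS.
    protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
        String user = req.getRemoteUser(); // assumes container-managed authentication
        if (!req.isSecure() || user == null) {
            resp.sendError(HttpServletResponse.SC_FORBIDDEN);
            return;
        }
        byte[] raw = new byte[16];           // 128-bit unpredictable session ID
        RANDOM.nextBytes(raw);
        String id = Base64.getUrlEncoder().withoutPadding().encodeToString(raw);
        sessions.put(id, user);
        Cookie cookie = new Cookie(COOKIE_NAME, id);
        cookie.setSecure(true);   // client must not send this cookie over plain HTTP
        cookie.setHttpOnly(true); // Servlet 3.0+: keep it away from page scripts
        cookie.setPath("/");
        resp.addCookie(cookie);
    }

    @Override // Later requests: accept the cookie only if it arrived over HTTPS.
    protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws IOException {
        String user = null;
        Cookie[] cookies = req.getCookies(); // null when the request carries no cookies
        if (req.isSecure() && cookies != null) {
            for (Cookie c : cookies) {
                if (COOKIE_NAME.equals(c.getName())) user = sessions.get(c.getValue());
            }
        }
        if (user == null) {
            resp.sendError(HttpServletResponse.SC_UNAUTHORIZED);
            return;
        }
        resp.getWriter().println("Session accepted");
    }
}
```

The `isSecure()` check in `doGet` is a server-side backstop: the secure flag is only a request to the client, so the server should not honor a session ID that shows up on an insecure connection.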
How to Create a Cookie using Java Servlets
Creating Cookie Example:
>Source code for example
Accepting Cookie Example:
>Source code for example