this post was submitted on 19 Feb 2024
1235 points (94.2% liked)
Technology
59207 readers
3234 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Cookies are literally how a website keeps track of you having logged with a username and password into that site on your browser, for all other pages after you leave the log-in page.
The reason for this is because the Web protocols were designed for the web server to get a request from a browser, send the page to the browser and after that close the connection (though since HTTP version 1.1 connections might stay up for things like sending the pictures linked to a page, a mechanism known as Keep-Alive).
For performance by default the web server doesn't really care which browser has asked it for a given page or what it has asked for before unless some kind of tracking is added to the pages your receive so that in subsequent requests you're identified.
So the only way for a website to keep track of a specific browser so that it can do different things for that browser (i.e. know a user has logged-in via that browser so send to that browser pages that user has access to rather than sending "You are not logged-in" errors) is by sending some kind of token to the browser which the browser will then present along with each subesequent request to that site.
Cookies are by far the easiest way to do this.
The problem with cookies is that their ability to track a browser has be abused for things far beyond their original purpose (mainly things like track the browser were a user logged-in, to know to which browsers it can send certain protected pages and information).
There are some sites that can track a user in that site after log-in with a different method (basically all the links you get in pages on that website have a tiny bit of extra information that identifies each request as coming from a specific browser, but for example if you come into the website again from a bookmark all that is lost), but those are pretty rare nowadays because it can be quite complex to get it work whilst cookies are pretty straightforward to get to work reliably.