IN-CLASS ACTIVITY: COOKIES


According to Wikipedia's description of a cookie:

HTTP cookies (also called web cookies, Internet cookies, browser cookies, or simply cookies) are small blocks of data created by a web server while a user is browsing a website and placed on the user's computer or other device by the user's web browser. Cookies are placed on the device used to access a website, and more than one cookie may be placed on a user's device during a session.

Cookies serve useful and sometimes essential functions on the web. They enable web servers to store stateful information (such as items added in the shopping cart in an online store) on the user's device or to track the user's browsing activity (including clicking particular buttons, logging in, or recording which pages were visited in the past). They can also be used to save information that the user previously entered into form fields, such as names, addresses, passwords, and payment card numbers for subsequent use.

Tracking cookies, and especially third-party tracking cookies, are commonly used as ways to compile long-term records of individuals' browsing histories — a potential privacy concern that prompted European and U.S. lawmakers to take action in 2011. European law requires that all websites targeting European Union member states gain "informed consent" from users before storing non-essential cookies on their device.

This comic is an example of the usefulness of cookies to maintain a state between client and server:

Server Attention Span, a comic from xkcd.com
"Server Attention Span", a web comic from xkcd.com

Play with Cookies


For this in-class activity you will need to use the browser Chrome. After summoning Chrome Developer Tools (click the dotted menu and select More Tools > Developer Tools) select the Application tab, then click the Cookies drop down menu on the left-hand side (under the Storage category) and finally, click on the URL of the site you are inspecting. In this activity you will be playing with the following sites:

  • Customization demo: This demo lets you change the preferences of a page.
  • Cookie Counter 2: Personal Counter, consists of 2 parts Cookie Script and gettimes script.
  • Last Visit Cookie: Displays the clients operating system and browser type, tells you what date and time you're last visit was and gives you a list of sections which have been updated since you're last visit.
  • For a full list of other cookie activities, visit: Cookie Central's demo page.

For each of the three links above, you will have the Developer Tools' Cookies tab and start filling out the information requested in some of those links (please use fake information). Then, reload the page and see what happen. Close the page, open the link again and see if your information is still there. Delete the cookies (right click on the cookie name and select Delete) and proceed to reload the page to see if your information is still there. Observe the cookies being sent by the server and received and stored in your computer by your browser. Clicking on them will allow you to see their content. You can verify (by looking at the different columns):

  • Expiration date
  • Cookie name and value

Submit to Kit


After reading Cookie Central's introduction to cookies and the article What went Wrong? (with cookies) prepare a one page reflection about your impressions using cookies and learning about the history and uses of them. Focus on privacy, possible exploitation issues, and what would you do to make cookies better?