Magic cookie: Difference between revisions
No edit summary |
m Dropped two accidental preformats. |
||
Line 13: | Line 13: | ||
== Cookie as token == |
== Cookie as token == |
||
A magic cookie can be analogous to, for example, the token supplied at a |
A magic cookie can be analogous to, for example, the token supplied at a |
||
coat check ([[cloakroom]]) counter in [[Real life (reality)|real |
|||
life]]. |
life]]. The token has no intrinsic meaning, but its uniqueness allows |
||
it to be exchanged for the correct coat when returned to the coat check |
it to be exchanged for the correct coat when returned to the coat check |
||
counter. |
counter. The coat check token is opaque because the way in which the |
||
counter staff are able to find the correct coat when the token is |
counter staff are able to find the correct coat when the token is |
||
presented is immaterial to the person who wishes their coat returned. |
presented is immaterial to the person who wishes their coat returned. |
||
Line 27: | Line 27: | ||
cookie]] on one's computer, where they are often used to |
cookie]] on one's computer, where they are often used to |
||
[[authentication|authenticate]] identity upon returning to the website. |
[[authentication|authenticate]] identity upon returning to the website. |
||
Cookies are a component of the most common authentication method used |
|||
by the [[X Window System]]. |
by the [[X Window System]]. |
||
Revision as of 00:14, 25 December 2012
This article relies largely or entirely on a single source. (October 2012) |
A magic cookie or just cookie for short, is a token or short packet of data passed between communicating programs, where the data is typically not meaningful to the recipient program. The contents are opaque and not usually interpreted until the recipient passes the cookie data back to the sender or perhaps another program at a later time. The cookie is often used like a ticket – to identify a particular event or transaction.
In some cases, recipient programs are able to meaningfully compare two cookies for equality.
Cookie as token
A magic cookie can be analogous to, for example, the token supplied at a coat check (cloakroom) counter in real life. The token has no intrinsic meaning, but its uniqueness allows it to be exchanged for the correct coat when returned to the coat check counter. The coat check token is opaque because the way in which the counter staff are able to find the correct coat when the token is presented is immaterial to the person who wishes their coat returned. In other cases (as is possible with HTTP cookies), the actual data of interest can be stored as name–value pairs directly on the cookie.
Cookies are used as identifying tokens in many computer applications. When one visits a website, the remote server may leave an [[HTTP cookie]] on one's computer, where they are often used to authenticate identity upon returning to the website.
Cookies are a component of the most common authentication method used by the X Window System.
Security
Some cookies (such as HTTP cookies) have a digital signature appended to them or are otherwise encrypted, thus hostile users or applications are unable to forge a cookie and present it to the sending application, in order to gain access to that which the hostile user is otherwise not entitled. Depending on the nature of the encryption algorithm used, users may be able to verify that a cookie is authentic.
See also
References
This article is based on material taken from the Free On-line Dictionary of Computing prior to 1 November 2008 and incorporated under the "relicensing" terms of the GFDL, version 1.3 or later.