Pequeña
cantidad de información que se le manda al navegador del cliente y que permite
que éste quede identificado en conexiones sucesivas.
A character
string, placed in a web browsers memory, which is available to websites within
the same Internet domain as the server that placed them in the web browser.
Cookies are used
for many purposes and may be assertions or may contain pointers to assertions.
[NIST-SP800-63:2013]
Data exchanged
between an HTTP server and a browser (a client of the server) to store state
information on the client side and retrieve it later for server use. [CNSSI_4009:2010]
1. (I) /HTTP/
Data exchanged between an HTTP server and a browser (a client of the server) to
store state information on the client side and retrieve it later for server
use.
2. (I) /IPsec/
Data objects exchanged by ISAKMP to prevent certain denial-of-service attacks
during the establishment of a security association.
[RFC4949:2007]
A file
transmitted to a users browser to uniquely identify the users browser.
http://iab.com/
Temporary cookies
which are only loaded for the active browser session and erased upon exiting
the browser.
http://iab.com/
A cookie that
does not automatically gets erased and remains on the users system even after
the user disconnects.
http://iab.com/
Small amount of
data sent by the web server, to a web client, which can be stored and retrieved
at a later time. Typically cookies are used to keep track of a users state as
they traverse a web site. See also Cookie Manipulation.
http://www.webappsec.org/projects/glossary/
Altering or
modification of cookie values, on the clients web browser, to exploit security
issues within a web application. Attackers will normally manipulate cookie
values to fraudulently authenticate themselves to a web site. This is an
example of the problem of trusting the user to provide reasonable input.
http://www.webappsec.org/projects/glossary/
Temas relacionados