First Things to Know About Web Sites, Addresses and Cookies

Alexandra Andrews, Teddy Andrews, Annamarie Baldessari,
David Bradley, Bob Gill, Larry Hengl, Michael McMillan

First Things to Know About The Web
What Are Cookies
Not Exactly Cream Filled
Good Cookies
Your Choices With Cookies


First Things to Know About The Web
Back to the Web Tutorial Table of Contents

Examples used here are based on the latest version of the Netscape Communicator which includes the Navigator and mail/usegroup capabilities. Other browsers may rearrange these features but will usually include them in similar ways.

Mirror Sites The word Mirror in Computers means Alternative or Copy. A Mirror Site is another web address where you will find the same information.

The term URL means Uniform Resource Locator. When you see http://www.cancersupportivecare.com It means  (http:// = Hypertext Transfer Protocol) + (www = World Wide Web) + (hostname = cancersupportivecare) + (.com = commercial)

Now type the web address http://www.cancersupportivecare.com into the window and press Enter.

Cancer Supportive Care Program graphic

Type the address http://www.cancersupportivecare.com/links.html into the window and press Enter. This will take you to a page named links.html. (html means Hypertext Markup Language) Always type website addresses as shown. Never subsitute capital letters for lower case, or vice versa (except in UNIX where everything must be lower case.) In general, copy the exact spacing of all letters, words, etc.

Don't forget to look closely: what may appear to a blank space may in fact be an underscore and this, too, must be written as shown.

Cancer Supportive Care Program graphic

 

What Are Cookies
Back to the Web Tutorial Table of Contents

Security Warning
Never! Never!
use your normal login and password. Have a special login and password for sites that ask for personal information. Many sites are not secure. This will help protect you from unscrupulous web pirates seeking your private data.

Q:What Are Cookies? Are They Dangerous To My Computer or My Privacy?

No. A cookie is a simple piece of text. It is not a program, or a plug-in, and thus, it cannot access your hard drive. It cannot be used as a virus. Your browser (not a programmer) can save cookie values to its memory (RAM) or a file on your hard disk if necessary, but that is the limit of its effects on your system. A Cookie Alone Cannot Read Your Hard Drive To Find Out Who You Are, Where You Live, What Your Income Is, Or Other Personal Information. The only way that information could end up in a cookie is if YOU provide it to a site and that site saves to a cookie.

Q:Can cookies fill my hard drive?

No. Most major browsers (Netscape & MS Internet Explorer) limit the number and size of cookies.

Q: Am I at the mercy of the Web site when it comes to cookie control?

No. You have the power to set your browser preferences to reject cookies.

Q: Why Do We Need Cookies

Cookies are very useful for identifying users of the Web. Unless something special is done, Web servers are only aware of users when a transaction such as sending or receiving information -- is in process. The moment the transaction is complete the server forgets about the user. Only by cookies may subsequent transactions be correlated with previous exchanges. An HTTP connection and transaction can be distilled into the following steps:

HTTP is a "stateless" (non-persistent) protocol. It is not possible to differentiate between visits to a given web site, unless the server can somehow "mark" the visitors.

A cookie is a piece of information stored in the visitor's browser. It might be database information, custom page settings, just about anything. A popular analogy is to the coupon you get from a dry cleaner. When you return for your clothes the dry cleaner matches tickets to ensure that the correct items are returned.

More technically, a cookie is an HTTP header consisting of a text-only string to be entered into the memory of a browser. This string contains the domain, path, lifetime, and value of a variable that a website sets. If the lifetime of this variable is longer than the time the user spends at that site, then this string is saved to file for future reference. By default, cookies exist until the browser is exited; they should disappear when you close the browser.

Users need to know that a Web site can only write and read the cookie it places on your browser. Only if the domain and path attributes match that of the host document (the default) can a cookie be stored or retrieved. There is still the perception that someone can read everything in the cookie file. This is 100 percent false. A Web site can only read what it puts there. Nothing else.

Not Exactly Cream Filled
Back to the Web Tutorial Table of Contents

How did I get a cookie from this site? I've never been there! Is my personal information being hijacked?

Some advertising companies, are in the proverbial hot seat because of their cookie tactics. A server cannot set a cookie for a domain it is not a member of. However, almost any Web user could get a cookie at one time or another, without ever visiting the site that cooked it. A clever subterfuge and other advertisers have employed a clever solution that enables them to track users and serve media content without violating any laws.

Those little advertising graphics like "Top 5%" or "Browser Now" can serve more than one purpose. When you view a website using such icons, your browser sends a matching cookie and the URL of the document on which the graphic appears to a second site serving the advertisors who can eventually construct a database listing all documents (containing their icons) which have been viewed from your browser. This database could accumulate a detailed profile. Particularly, if you provided any personal information at the first site, such as a registration form. This information may be associated, via the dreaded referrer field database, to your clickstream through participating sites. In other words, these technologies make it possible for you to be followed through "cyberspace", regardless of whether you browse from home or office. Sites carrying this kind of advertising could be compromising your privacy.

This usage of cookies is controversial, and has polarized opinions on cookies, privacy, and the Internet. Regulatory committees are currently working on proposals to ban or limit this kind of cookie usage.

Good Cookies
Back to the Web Tutorial Table of Contents

Cookies have obvious appeal for corporate webmasters because make it possible for users to customize their interaction with large complex websites, and to customize the way they view a website.

For some situations, the cookie offers the best and most practical business solution. One example is an online shopping site. The site's webmaster can use cookies to implement a "shopping cart", allowing you to spread a single shopping session across several visits to the site. Nominal customer information and shopping cart items can be stored in the cookie file, and recalled whenever the user revisits the online mall. In most cases websites store minimal information in the persistent cookie on the user's system as an index of details, such as customer info and shopping cart items.

Netscape Communications and Amazon Books use a temporary cookie to maintain state information for shoppers. This enables a site to spread products and information over multiple pages, or put order/entry forms on a separate page.

Persistent cookies -- those stored on a user's file system -- are those to be used each time the user visits a website. Netscape uses this kind of cookie to enable users to set preferences for viewing the site, for example with or without frames. Search sites such as Excite.com and Search.com also use cookies to customize what kind of information the user prefers to see when they log into the site.

Cookies can be used to store registration information so that a user does not have to enter a login and password each time they visit a site. Macworld Club, HotWired, and The New York Times store the information necessary for entrance in a persistent cookie. If a user loses or discards the cookie they simply need to repeat the manual login process, which establishes a new cookie.

Session vs Persistent
Simply put, a SESSION cookie resides in the browser. and not on the hard drive. It can be used in conjunction with data stored in a login database to regulate participation in a website's service. When the user closes the browser or surfs to a new site, the cookie is either dropped or is written by the browser to the hard drive for later reference.

A persistant cookie can prevent duplicate user ids from being generated. Each time an established user logs into a restricted site, the Web server and database compares the browser cookie against the database record. Each connection attempt is logged, together with a variety of tidbits, such as browser type, IP address, and operating system. If the browser cookie and the cookie stored in the server database match, access is granted and the cookie is replaced with a new unique identifier. This prevents others from using your login name and password.

If cookies are not used, however there are still other methods for maintaining a user specific record:

Both methods have limitations. Both expose data during transmission (unless used in a secured session using something like Secure Sockets -- SSL).

The Bottom Line
Users have the power to reject cookies, so if the Web industry wants to use them, they're going to have to use them responsibly. Privacy policies should be developed that give users proper notice, choices, and security, regarding whatever information is being cooked up and put in a jar.

Your Choices With Cookies
Back to the Web Tutorial Table of Contents

You can choose your cookie when you set up your Preferences.

Choosing cookies option graphic

How can I protect my privacy?
Be thoughtful when providing information that seems unrelated to the purpose of your visit. Periodically erase the information in the cookies file.

Beware of statements like the following :


Supportive Cancer Care
by Ernest H. Rosenbaum, MD & Isadora R. Rosenbaum, MA
www.CancerSupportiveCare.com Modules  |  Home  |  Search Our Website   |  Site Map  |  Contact Us  |  Top
www.CancerSupportiveCare.com  |  Phone : 510-649-8177  |  Fax: 510-649-8276