How are cookies passed in the HTTP protocol

Question

User · Accepted Answer

The server sends the following in its response header to set a cookie field.

Set-Cookie:name=value

If there is a cookie set, then the browser sends the following in its request header.

Cookie:name=value

See the HTTP Cookie article at Wikipedia for more information.

User · Answer

create example script as resp       bin bash  http code 200 mime text html  echo -e  HTTP 1 1  http code OK r  echo  Content-type   mime  echo echo  Set-Cookie  name F    then make executable and execute like this      resp   nc -l -p 12346   open browser and browse URL  http   localhost 1236 you will see Cookie value which is sent by Browser        aaa bbbbbbbb      resp   nc -l -p 12346     GET   HTTP 1 1     Host  xxx xxx xxx xxx 12346     Connection  keep-alive     Cache-Control  max-age 0     Accept  text html application xhtml xml application xml q 0 9 image webp     q 0 8     Upgrade-Insecure-Requests  1     User-Agent  Mozilla 5 0  Windows NT 6 1  AppleWebKit 537 36  KHTML  like Gecko  Chrome 49 0 2623 112 Safari 537 36     Accept-Encoding  gzip  deflate  sdch     Accept-Language  en-US en q 0 8 ru q 0 6     Cookie  name F

User · Answer

Apart from what it s written in other answers  other details related to path of cookie  maximum age of cookie  whether it s secured or not also passed in Set-Cookie response header  For instance   Set-Cookie name value   expires date    domain domain    path path    secure     However  not all of these details are passed back to the server by the client when making next HTTP request   You can also set HttpOnly flag at the end of your cookie  to indicate that your cookie is httponly and must not allowed to be accessed  in scripts by javascript code  This helps to prevent attacks such as session-hijacking   For more information  see RFC 2109  Also have a look at  Nicholas C  Zakas s article  HTTP cookies explained

User · Answer

Cookies are passed as HTTP headers  both in the request  client -  server   and in the response  server -  client

[http] How are cookies passed in the HTTP protocol?

Examples related to http

Examples related to cookies