CSE 597B Computational Issues in Ecommerce


1 CSE 597B Computational Issues in Ecommerce
The Cookie Concept
CSE 597B Computational Issues in Ecommerce
Sandip Debnath
Dr. C Lee Giles, Dr. David Pennock, Dr. Ingemar Cox, Dr. Hongyuan Zha

2 The Outline (The Cookie Concept)
- The dark side
- New technology or existing technology under attack
- Cookies and Viruses
- What went wrong
- Discussion

3 The Cookie Concept
A cookie is a piece of information generated by the web server and stored on the client side, ready for future access.

A part of my .netscape directory’s cookie.txt file…

    ad1.adcept.net FALSE /cgi-bin FALSE adcept_identifier zznkfGexSbfzhKumxDg959RBM
    .netscape.com TRUE / FALSE UIDC : :904770
    .yahoo.com TRUE / FALSE B d03gt5rqp8&b=2
    .passport.com TRUE / FALSE MSPDom 2
    .hotmail.msn.com TRUE / FALSE HMP1 1br2.
    americanexpress.com FALSE / FALSE SaneID
    msn.co.uk FALSE / FALSE MC1 V=2&GUID=f6ab57ca5eb8447d982eb3e5b09cfbd5
    .msn.com TRUE / FALSE MC1 V=2&GUID=F6AB57CA5EB8447D982EB3E5B09CFBD5
    .doubleclick.net TRUE / FALSE id efd0

4 The Cookie Concept (contd.)
- Cookies are embedded in HTML information flowing back and forth
- Useful for user-side customization of the Web information
- Usually transparent to the user

Procedure:
- Storing the cookie: The web server creates the cookie and sends it to the client machine. If the client machine is cookie savvy, it saves the cookie in the appropriate file.
- Loading the cookie: The previously stored cookie is transferred from the client machine to the server machine.
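The "loading the cookie" step, worked through as an added example that is not part of the original slides: it parses lines in the cookies.txt layout and decides which stored cookies a client returns for a given request. The seven tab-separated fields follow the Netscape cookies.txt layout (the slide excerpt shows fewer columns); the `.example` hosts, the cookie values and all function names are assumptions made for the illustration.

```javascript
// Added example, not from the slides. SAMPLE is constructed; tab-separated fields:
// domain, subdomain flag, path, secure flag, expiry (epoch seconds), name, value
const SAMPLE = [
  ".shop.example\tTRUE\t/\tFALSE\t2000000000\tprefs\tfont%3DHelvetica",
  "shop.example\tFALSE\t/account\tTRUE\t2000000000\tsession\tCONSTRUCTED-TOKEN",
  ".ads.example\tTRUE\t/\tFALSE\t2000000000\tid\tCONSTRUCTED-TRACKING-ID",
  ".shop.example\tTRUE\t/\tFALSE\t1000000000\told\texpired-value",
].join("\n");

// Parse the file text into cookie records; comments and short lines are skipped.
function parseCookiesTxt(text) {
  return text.split("\n")
    .filter((line) => line.trim() !== "" && !line.startsWith("#"))
    .map((line) => line.split("\t"))
    .filter((fields) => fields.length === 7)
    .map(([domain, sub, path, secure, expires, name, value]) => ({
      domain: domain.replace(/^\./, "").toLowerCase(),
      includeSubdomains: sub === "TRUE",
      secure: secure === "TRUE",
      expires: Number(expires),
      path, name, value,
    }));
}

// Exact host match, or a true subdomain when the subdomain flag is set.
function domainMatches(host, cookie) {
  return host === cookie.domain ||
    (cookie.includeSubdomains && host.endsWith("." + cookie.domain));
}

// The cookie path must be a whole-segment prefix of the request path.
function pathMatches(reqPath, cookiePath) {
  if (reqPath === cookiePath) return true;
  if (!reqPath.startsWith(cookiePath)) return false;
  return cookiePath.endsWith("/") || reqPath[cookiePath.length] === "/";
}

// Build the Cookie header the client would send for `url` at time `nowSec`.
function cookieHeaderFor(url, jar, nowSec) {
  const u = new URL(url);
  return jar
    .filter((c) => c.expires > nowSec)                    // drop expired cookies
    .filter((c) => domainMatches(u.hostname, c))
    .filter((c) => pathMatches(u.pathname, c.path))
    .filter((c) => !c.secure || u.protocol === "https:") // secure: HTTPS only
    .map((c) => `${c.name}=${c.value}`)
    .join("; ");
}
```

Any request to a host under ads.example carries the `id` cookie, whichever page embedded the banner, while the `secure` session cookie is withheld from plain-HTTP requests.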

5 The Cookie Concept (contd.)
JavaScript:

    function setCookie(name, value, expires, path, domain, secure)
    function getCookie(name)
    function deleteCookie(name, path, domain)

6 The Cookie Concept (contd.)
JavaScript:

    function setCookie(name, value, expires, path, domain, secure) {
        // Each attribute is appended only when the caller supplied it.
        document.cookie = name + "=" + encodeURIComponent(value) +
            (expires ? ";expires=" + expires.toUTCString() : "") +
            (path ? ";path=" + path : "") +
            (domain ? ";domain=" + domain : "") +
            (secure ? ";secure" : "");
    }

7 The Cookie Concept (contd.)
JavaScript:

    function getCookie(name) {
        // Compare whole cookie names, so that looking up "id" does not
        // match a cookie called "userid".
        var pairs = document.cookie.split(";");
        for (var i = 0; i < pairs.length; i++) {
            var pair = pairs[i].replace(/^\s+/, "");
            var eq = pair.indexOf("=");
            if (eq !== -1 && pair.substring(0, eq) === name) {
                return decodeURIComponent(pair.substring(eq + 1));
            }
        }
        return null;
    }

8 The Cookie Concept (contd.)
JavaScript:

    function deleteCookie(name, path, domain) {
        // A cookie is removed by re-setting it with an expiry date in the past;
        // path and domain must match the values used when it was set.
        document.cookie = name + "=" +
            "; expires=Thu, 01-Jan-70 00:00:01 GMT" +
            "; path=" + (path ? path : "/") +
            (domain ? "; domain=" + domain : "");
    }

9 The Cookie Concept (contd.)
CGI

    use CGI qw(:standard);   # provides header()
    use CGI::Cookie;

    # Create new cookies and send them
    my $cookie1 = CGI::Cookie->new(-name => 'ID', -value => 123456);
    my $cookie2 = CGI::Cookie->new(-name  => 'preferences',
                                   -value => { font => 'Helvetica', size => 12 });
    print header(-cookie => [$cookie1, $cookie2]);

    # Fetch existing cookies
    my %cookies = CGI::Cookie->fetch;
    my $id = exists $cookies{'ID'} ? $cookies{'ID'}->value : undef;

10 The Cookie Concept (contd.)
Java Cookie

    public Cookie(String name, String value)

Defines a cookie with an initial name/value pair. Names must not contain whitespace, comma, or semicolons and should only contain ASCII alphanumeric characters. Names starting with a "$" character are reserved by RFC 2109.

Parameters:
- name: name of the cookie
- value: value of the cookie

11 The Cookie Concept (contd.)
Java
- clone(): Returns a copy of this object.
- getComment(): Returns the comment describing the purpose of this cookie, or null if no such comment has been defined.
- getDomain(): Returns the domain of this cookie.
- getMaxAge(): Returns the maximum specified age of the cookie.
- getName(): Returns the name of the cookie.
- getPath(): Returns the prefix of all URLs for which this cookie is targeted.

12 The Cookie Concept (contd.)
Java
- getSecure(): Returns the value of the 'secure' flag.
- getValue(): Returns the value of the cookie.
- getVersion(): Returns the version of the cookie.
- setComment(String): If a user agent (web browser) presents this cookie to a user, the cookie's purpose will be described using this comment.
- setDomain(String): This cookie should be presented only to hosts satisfying this domain name pattern.

13 The Cookie Concept (contd.)
Java
- setMaxAge(int): Sets the maximum age of the cookie.
- setPath(String): This cookie should be presented only with requests beginning with this URL.
- setSecure(boolean): Indicates to the user agent that the cookie should only be sent using a secure protocol (https).
- setValue(String): Sets the value of the cookie.
- setVersion(int): Sets the version of the cookie protocol used when this cookie saves itself.

14 The Dark Side
- The entire transaction (storing and loading) is completely transparent to the user.
- Invasive to the user’s privacy.
- Not a very strong mechanism by itself: the way cookies are stored and used can be defeated if you do not want cookies.

15 New technology or existing technology under attack
- A new proposal to IETF, Microsoft, Netscape asked to enforce a limit on persistent cookies and to give users an option to select which cookies to accept.
- A warning before accepting any cookies.
- Doubleclick, Focalink, GlobalTrack and ADSmart will be jeopardized if cookies are stopped.

16 Cookies and Viruses
- A cookie cannot be a danger, as it is stored as a normal text-based file.
- Cookie files are only “readable, writable”, not “executable”.
- The maximum content of a cookie is 4Kb, and the line to delete the contents of a hard disk is 18 bytes.

In Unix the command is:

    $> /bin/rm -rf /

In DOS/Windows:

    c:\> rd /S /Q c:\*

- So a virus could create a problem (theoretically), but this has not been seen yet.

17 What went wrong
- Introduced for good reason: helping users access their favorite web sites easily from the second time onwards.
- Sometimes used by unscrupulous entities for other reasons: it happened that some marketing firms tried to use this to access private information for advertising campaigns.

18 Discussion (The Cookie Concept)
???

