Difference between Cookie and Session

-

Difference between Cookie and Session

What is Cookie?

A cookie is a small file with the maximum size of 4KB that the web server stores on the client computer. Once a cookie has been set, all page requests that follow return the cookie name and value. A cookie can only be read from the domain that it has been issued from. For example, a cookie set using the domain www.guru99.com cannot be read from the domain career.guru99.com. Most of the websites on the internet display elements from other domains such as advertising. The domains serving these elements can also set their own cookies. These are known as third party cookies. A cookie created by a user can only be visible to them. Other users cannot see its value. Most web browsers have options for disabling cookies, third party cookies or both.

What is a Session?

A session is a global variable stored on the server. Each session is assigned a unique id which is used to retrieve stored values. Whenever a session is created, a cookie containing the unique session id is stored on the user’s computer and returned with every request to the server. If the client browser does not support cookies, the unique session id is displayed in the URL. Sessions have the capacity to store relatively large data compared to cookies.
The session values are automatically deleted when the browser is closed. If you want to store the values permanently, then you should store them in the database.
Just like the $_COOKIE array variable, session variables are stored in the $_SESSION array variable. Just like cookies, the session must be started before any HTML tags.

Why and when to use Cookies?

Http is a stateless protocol; cookies allow us to track the state of the application using small files stored on the user’s computer. The path were the cookies are stored depends on the browser. Internet Explorer usually stores them in Temporal Internet Files folder. Personalizing the user experience – this is achieved by allowing users to select their preferences. The page requested that follow are personalized based on the set preferences in the cookies. Tracking the pages visited by a user.

Why and when to use Sessions?

To store important information such as the user id more securely on the server where malicious users cannot temper with them. Sessions are used to pass values from one page to another.
It is also used when you want the alternative to cookies on browsers that do not support cookies, to store global variables in an efficient and more secure way compared to passing them in the URL, developing an application such as a shopping cart that has to temporary store information with a capacity larger than 4KB.

Cookie Vs. Session

Cookie
Session
  • Cookies are client-side files that contain user information
  • Sessions are server-side files which contain user information
  • Cookie ends depending on the lifetime you set for it
  • A session ends when a user closes his browser
  • You don't need to start cookie as it is stored in your local machine
  • In PHP, before using $_SESSION, you have to write session_start(); Likewise for other languages
  • The official maximum cookie size is 4KB
  • Within-session you can store as much data as you like. The only limits you can reach is the maximum memory a script can consume at one time, which is 128MB by default
  • A cookie is not dependent on Session
  • A session is dependent on Cookie
  • There is no function named unsetcookie()
  • Session_destroy(); is used to destroy all registered data or to unset some

KEY DIFFERENCE

  • Cookies are client-side files that contain user information, whereas Sessions are server-side files that contain user information.
  • Cookie is not dependent on session, but Session is dependent on Cookie.
  • Cookie expires depending on the lifetime you set for it, while a Session ends when a user closes his/her browser.
  • The maximum cookie size is 4KB whereas in session, you can store as much data as you like.
  • Cookie does not have a function named unsetcookie() while in Session you can use Session_destroy(); which is used to destroy all registered data or to unset some
What are the technical pros and cons of localStorage, sessionStorage, session and cookies, and when would I use one over the other?

https://stackoverflow.com/questions/19867599/what-is-the-difference-between-localstorage-sessionstorage-session-and-cookies

localStorage and sessionStorage are both so-called WebStorages and features of HTML5.

localStorage stores information as long as the user does not delete them.

sessionStorage stores information as long as the session goes. Usually until the user closes the tab/browser.

cookies are simply cookies, which are supported by older browsers and usually are a fallback for frameworks that use the above mentioned WebStorages.

In contrast cookies can store way less information then WebStorages and the information in WebStorages is never transferred to the server.

Keep in mind that the EU has a regulation that requires websites to inform their users about the usage of cookies. I dont know whether this also applies to WebStorages

Comments

Post a Comment

Popular posts from this blog

Hibernate (Java) -- by jps sasadara

-
Image
HQL & JPAQuery for Springboot =>   https://drive.google.com/drive/u/1/folders/18KA0A0EKYmn6Z7auazNquPDaweqPQvHI               https://www.baeldung.com/jpa-join-types   (only if we want to write join query, but in HQL no need of using join  key word , if we can correctly implement the mapping classes ) Native SQL for Springboot => https://drive.google.com/drive/u/1/folders/17vdDhEXBKtbWpTkYUy5UcF_n_r2G-YDy      projects =>  https://drive.google.com/drive/folders/14x_9TeE5SZq6ECZqCmoBaGTgOUSssuqm?usp=sharing We can write plan SQL Query in hibernate using   session.createSQLQuery(sqlSearch); Eg-::  String sqlSearch = SQLVarList.MSSQL_DEVICEOPERATIONREPORT_SQL2 + where + orderBy;             Query querySearch = session.createSQLQuery(sqlSearch);             querySearch = setD...
Read more

Observer Design Pattern & RxJava & @Async

-
Image
  Observer Design Pattern According to GoF definition,  observer pattern  defines a one-to-many dependency between objects so that when one object changes state, all its dependents are notified and updated automatically. It is also referred to as the  publish-subscribe pattern . In observer pattern, there are many observers (subscriber objects) that are observing a particular subject (publisher object). Observers register themselves to a subject to get a notification when there is a change made inside that subject. A observer object can register or unregister from subject at any point of time. It helps is making the objects objects  loosely coupled . 1. When to use observer design pattern As described above, when you have a design a system where multiple entities are interested in any possible update to some particular second entity object, we can use the observer pattern The flow is very simple to understand. Application creates the concrete subject object. All...
Read more

JAVA uml Based cording <<< by jps sasadara >>>

-
                             COMPOSITION TUTORIAL The term  composition  is not unique to Java, composition is a concept of object-oriented programming. By now you should be familiar with the concept of  inheritance  - inheritance requires the use of the Java keywords  extends  or  implements . When your class inherits members from either a superclass or a superinterface, you can directly invoke or access those members. Consider the following code that demonstrates inheritance: class OperatingSystem {      void bootUp() { ... }      void shutDown() { ... } } class Computer extends OperatingSystem { } class TestMe {      public static void main(String args[]){          Computer c = new Computer();          c.bootUp();  ...
Read more