Cookies
Everything on SkillVeris tagged Cookies — collected across the glossary, study notes, blog, and cheat sheets.
13 resources across 2 libraries
Study Notes(2)
Configuring Headers and Cookies
Use the HTTP Header Manager and HTTP Cookie Manager to simulate realistic browser and API-client behavior, including auth headers and session cookies.
Sessions and Cookies
Learn how PHP maintains state across stateless HTTP requests using cookies for client-side storage and sessions for server-side storage keyed by a session iden…
Interview Questions(11)
How Do Cookies Work Over HTTP?
A cookie is a small piece of state a server asks a browser to store via the `Set-Cookie` response header, which the browser then automatically re-attaches on t…
What is Session Persistence?
Session persistence (also called sticky sessions) is a load balancer feature that routes all requests from a given client to the same backend server for the du…
Cookies vs Sessions vs JWT
A cookie is a small piece of data the browser stores and sends back with each request; a session keeps user state on the server and uses a cookie holding only…
What is the Same-Origin Policy?
The Same-Origin Policy (SOP) is a browser security rule that restricts scripts on one origin (scheme, host, and port) from reading data from a different origin…
What is CSRF?
CSRF (Cross-Site Request Forgery) is an attack where a malicious site tricks a victim's browser into sending an authenticated request to another site the victi…
What is XSS?
XSS (Cross-Site Scripting) is a vulnerability where an attacker injects malicious JavaScript into a page viewed by other users, letting that script run with th…
What Are the Secure and HttpOnly Cookie Attributes?
The Secure attribute tells the browser to send a cookie only over HTTPS connections, and the HttpOnly attribute tells the browser to hide the cookie from JavaS…
What Is the SameSite Cookie Attribute and How Does It Prevent CSRF?
SameSite is a cookie attribute that tells the browser whether to include the cookie on requests originating from a different site than the one that set it, and…
What Is a Session Fixation Attack and How Do You Prevent It?
Session fixation is an attack where an attacker sets or predicts a victim’s session identifier before login and then, once the victim authenticates using that…
IndexedDB vs localStorage vs Cookies: When Do You Use Each?
Cookies are small, automatically sent-with-every-HTTP-request key-value pairs meant for server-visible state like session identifiers, localStorage is a synchr…
What Are the Size Limits of Web Storage Mechanisms?
Cookies are limited to roughly 4KB per cookie (and a per-domain count cap around 50-180 depending on the browser), localStorage and sessionStorage typically ca…