Archives

You are currently viewing archive for November 2011

11/11: Web Cookie

Category: General
Posted by: bagheljas
Web protocol HTTP(S) by design is stateless. A Cookie is created to facilitate desktop like applications over the web protocol HTTP(s); also known as Web Cookie, HTTP Cookie and Browser Cookie. Web Server sets a cookie on initial request from the Web Client and then subsequent request the Web Client presents the Web Cookie to the Web Server that is earlier set by the Web server. The Web Cookie creation, retention and presentation from the Web Client and Web Server is governed by the RFC 5265 (earlier versions are RFC 2109 and RFC 2965) created by the Internet Engineering Task Force (IETF) in April 2011.

Category: Best Practices
Posted by: bagheljas
IP Address based User Persistence and/or Stickiness works for the users whose public IP address is fixed during user session and their ISP is not using stateless forward proxies to serve the http/https request to the outside world.

Cookies based User Persistence and/or Stickiness works in all the cases where even an ISP provider like AOL who uses stateless forward proxies to serve the http/https request for their customer for better user experience. The implementation of the forward proxies to serve http/https request from enterprise networks is also used not only for better performance and network resource optimization but for better security and monitoring.

Cookie based User Persistence and/or Stickiness will always works even if the stateless forward http/https proxy is used to serve the end users. It recommended that we use User Cookie over IP Address.


Disclaimer

The views expressed in the blog are those of the author and do not represent necessarily the official policy or position of any other agency, organization, employer, or company. Assumptions made in the study are not reflective of the stand of any entity other than the author. Since we are critically-thinking human beings, these views are always subject to change, revision, and rethinking without notice. While reasonable efforts have been made to obtain accurate information, the author makes no warranty, expressed or implied, as to its accuracy.