Cookies

Same Origin Policy

Intro

- SOP restricts how a document or script loaded from one origin can interact with a resource from another origin (cross-domain traffic)
- Implemented in the browser
- Policies are applied in the background, with no user interaction required
- Restricts access to:
  - DOM
  - Cookies
  - WebStorage
    - Local Storage
    - Session Storage
  - IndexedDB
- Restricts components:
  - JavaScript API
    - XMLHttpRequest (XHR), Fetch API
  - Flash (t 2020)
  - …
  - Applets, Silverlight, XDomainRequest

How it Works

SOP = Protocol = https = Hostname = www.

Cookies

What is an HTTP Cookie?

https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies

An HTTP cookie (web cookie, browser cookie) is a small piece of data that a server sends to the user’s web browser. The browser may store it and send it back with later requests to the same server. Typically, it’s used to tell if two requests came from the same browser — keeping a user logged-in, for example. It remembers stateful information for the stateless HTTP protocol.