View source for Cookies

Because [[HTTP]] is a stateless protocol, cookies are used to pass information transparently between the client and server, emulating a "state".

The server sets cookies on the client by using the Set-Cookie header as many times as needed to set new cookie values.

The [http://www.ietf.org/rfc/rfc2965.txt RFC] describing cookies recommends to URL-encode both the cookie name and the cookie value. As HTTP is a plain-text protocol, it could indeed be for the least annoying if we didn't encode to set a cookie with a value containing a CRLF, for example.

= Setting a cookie =
{{:Cookies/Setting_A_Cookie}}
= Accessing a cookie =
{{:Cookies/Accessing_A_Cookie}}
= Deleting a cookie =
{{:Cookies/Deleting_A_Cookie}}
= Flags =
{{:Cookies/Flags}}
= Attacks =
{{:Cookies/Attacks}}

{{exploitation}}
{{social}}