What are cookies and sessions, and how do they relate to each other?

Active3 hr before
Viewed126 times

4 Answers


Cookies and sessions are both ways to preserve the application's state between different requests the browser makes. It's thanks to them that, for instance, you don't need to log in every time you request a page on StackOverflow.,Sessions are usually short-lived, which makes them ideal in saving temporary state between applications. Sessions also expire once the user closes the browser.,Sessions are considered more secure than cookies because the variables themselves are kept on the server. Here's how it works:,Cookies are usually used to preserve login state, where a username and a special hash are sent from the browser, and the server checks them against the database to approve access.

Cookies are small bits of data, (maximum of 4KB long), which hold data in a key=value pairs:

name = value;
name2 = value2
load more v

Creates a cookie on this visitor's browser. Then, redirects visitor to DisplayWelcome.,Upon clicking the Submit button, the visitor is transported to SetFeeling. This element assigns the visitor's mood to a new session variable named CurrentFeeling.,Upon clicking some meaty content, the visitor is transported to the Meat page. This page evaluates the session variable:,The preceding code sets the value of the cookie to the visitor's favorite color. This cookie lasts for one year (31,536,000 seconds).

The feelings form doesn't really involve sessions or variables; this element merely generates a form. The visitor's chosen mood is passed to the SetFeeling element:

<form action="ContentServer" method="post">
   <input type="hidden" name="pagename" value="CSGuide/Sessions/SetFeelings" />

   <P>How are you feeling right now?</P>
      <select name="Feeling" size="1">
         <option>Not so Good</option>

   <P><input type="submit" name="doit" value="Submit" /></P>
load more v

Difference between Cookies and Session,Cookies are the text files that store the user data and information on the client-side.,A cookie stores the data for future reference.,A cookie expired depending on the lifetime we set for it.

We can declare a session state ‘variable as shown below:

Session[“UserName”] = “Rashmi”;

If the user requests a page of the site, but the request contains no cookie, the server presumes that this is the first page visited by the user. So the server creates a unique identifier (typically a string of random letters and numbers) and sends it as a cookie back to the browser together with the requested page.,From this point on, the cookie will automatically be sent by the browser to the server every time a new page from the site is requested. The server not only sends the page as usual but also stores the URL of the requested page, the date/time of the request, and the cookie in a log file.,A persistent cookie expires at a specific date or after a specific length of time. For the persistent cookie's lifespan set by its creator, its information will be transmitted to the server every time the user visits the website that it belongs to, or every time the user views a resource belonging to that website from another website (such as an advertisement). ,This method consists of the web server appending query strings containing a unique session identifier to all the links inside of a web page. When the user follows a link, the browser sends the query string to the server, allowing the server to identify the user and maintain state.

GET / index.html HTTP / 1.1
Host: www.example.org
load more v

Other "sessions-cookies" queries related to "What are cookies and sessions, and how do they relate to each other?"