Which one of the following statements is NOT correct about HTTP cookies?

2015

Which one of the following statements is NOT correct about HTTP cookies?

  1. A.

    A cookie is a piece of code that has the potential to compromise the security of an Internet user

  2. B.

    A cookie gains entry to the user’s work area through an HTTP header

  3. C.

    A cookie has an expiry date and time

  4. D.

    Cookies can be used to track the browsing pattern of a user at a particular site

Attempted by 1087 students.

Show answer & explanation

Correct answer: A

Answer: The incorrect statement is "A cookie is a piece of code that has the potential to compromise the security of an Internet user."

Why this is incorrect:

  • A cookie is data (a name–value pair with optional attributes), not executable code.

  • Cookies are typically sent via the Set-Cookie HTTP response header (they can also be set or changed by JavaScript using document.cookie).

  • Cookies may include Expires or Max-Age attributes that define their lifetime; without those attributes they act as session cookies and expire when the browser closes.

  • Cookies can be used to track user behavior on a site (and third-party cookies can track across sites), which is a privacy concern but different from being executable code.

Explore the full course: Gate Guidance By Sanchit Sir