Which one of the following statements is NOT correct about HTTP cookies?
2015
Which one of the following statements is NOT correct about HTTP cookies?
- A.
A cookie is a piece of code that has the potential to compromise the security of an Internet user
- B.
A cookie gains entry to the user’s work area through an HTTP header
- C.
A cookie has an expiry date and time
- D.
Cookies can be used to track the browsing pattern of a user at a particular site
Attempted by 1087 students.
Show answer & explanation
Correct answer: A
Answer: The incorrect statement is "A cookie is a piece of code that has the potential to compromise the security of an Internet user."
Why this is incorrect:
A cookie is data (a name–value pair with optional attributes), not executable code.
Cookies are typically sent via the Set-Cookie HTTP response header (they can also be set or changed by JavaScript using document.cookie).
Cookies may include Expires or Max-Age attributes that define their lifetime; without those attributes they act as session cookies and expire when the browser closes.
Cookies can be used to track user behavior on a site (and third-party cookies can track across sites), which is a privacy concern but different from being executable code.