Home > Articles > Programming > Python

  • Print
  • + Share This
From the author of

Maintaining State

The most difficult thing about web systems is the inherently stateless nature of the HTTP protocol used to communicate between client and server. Netscape designed the cookie mechanism as a way around this problem. Each cookie is associated with a domain and a path, and is stored on the client rather than the server. When the client makes any web request, it first searches its cookies and returns any that match both the domain and the path as a part of a request. By serving up appropriate cookies, a server can ensure that a browser identifies itself in such a way that a request can be associated with previous requests.

If properly implemented, cookies can actually assist users in maintaining their privacy, by storing confidential data (or keys that allow the server to retrieve it from a local database) on the client side. Unfortunately, cookies have received bad press, largely due to their capability to track users through several sites where the same advertiser serves up advertising impressions. Because the advertiser can serve up cookies related to the advertising content, and because HTTP requests often include a reference to the URL in which they were embedded, it is possible to track a set of visits to pages from unrelated sites both using the same advertiser. What is more, too many naïve cookie implementations fail under "replay" attacks, where someone who can snoop the network traffic can forge a client's identity simply by using the same data again.

If you plan to maintain state using cookies, you should satisfy yourself (if necessary by hiring somebody who understands the problems in sufficient depth) that your implementation is reasonably secure. Most of all, do not assume that, because the details of your scheme are undisclosed, that will make it any harder to break—a scheme often referred to as "security by obscurity." Companies as large as Lotus Corporation have made this mistake and learned that cryptanalysis can lay such schemes bare in short order. My own personal approach to security might be summed up as "security by total insignificance": I have little information anyone would want to steal that I am not already giving away. Such is the world of open-source.

  • + Share This
  • 🔖 Save To Your Account