From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00 autolearn=ham autolearn_force=no version=3.4.4 X-Google-Language: ENGLISH,ASCII-7-bit X-Google-Thread: 103376,8429314ce5e9d92a X-Google-Attributes: gid103376,public X-Google-ArrivalTime: 2003-05-19 17:33:04 PST Path: archiver1.google.com!news1.google.com!newsfeed.stanford.edu!news-spur1.maxwell.syr.edu!news.maxwell.syr.edu!eusc.inter.net!cs.tu-berlin.de!uni-duisburg.de!not-for-mail From: Georg Bauhaus Newsgroups: comp.lang.ada Subject: Re: Programming Language Survey Date: Tue, 20 May 2003 00:33:03 +0000 (UTC) Organization: GMUGHDU Message-ID: References: <1b2f70c3.0305161120.6ca17b7e@posting.google.com> <2tNCm7hWr4Xn@eisner.encompasserve.org> NNTP-Posting-Host: d2-hrz.uni-duisburg.de X-Trace: a1-hrz.uni-duisburg.de 1053390783 20052 134.91.1.15 (20 May 2003 00:33:03 GMT) X-Complaints-To: usenet@news.uni-duisburg.de NNTP-Posting-Date: Tue, 20 May 2003 00:33:03 +0000 (UTC) User-Agent: tin/1.5.8-20010221 ("Blue Water") (UNIX) (HP-UX/B.11.00 (9000/831)) Xref: archiver1.google.com comp.lang.ada:37541 Date: 2003-05-20T00:33:03+00:00 List-Id: Larry Kilgallen wrote: : In article , Georg Bauhaus writes: :> :> Has your browser had to accept cookies? : : Of course not. My browser settings are fully secured - no cookies, Java : or JavaScript. That might explain a few things. They did send cookies, ASPs in the background, and they might have done tracking using cookies (an alternative beeing URL-rewriting). When finally results are to be stored, a uniqueness check might have to be done first, using the session cookie (HTTP beeing stateless, the request, and therefore the data, might have come from anywhere). Cookies are potentially evil if and only if the browser software does not give you control over them; in particular, it should be possible to prevent programs from reading cookies, and to protect cookies such that only the originating site may request them, and only with your consent. Wesley Groleau has listed some possibilities, Mozilla has quite extensive support for cookie control. Cookies can be useful! In a decent browser, they can act as a token somewhat like a tag in a tagged type for its identification, or like an enum value. (Somehow an HTTP server must know the origin of the page it receives in circumstances like a survey; to use something other than cookies one could use hidden content in a web page that is generated when a new request for the survey page is made, somehow coding the originators IP address as well; but IP addresses may be dynamic, and the process is similar to generating a session cookie anyway. In addition, cookies may be useful in (server side) state tracking, e.g. when the client browser software has crashed. the server may then send the proper page on resumption, if the cookie still provides enough information.) With a good browser, cookies aren't seen by any machine not explicitely listed by you. If a server uses URL-rewriting instead (like Apple's WebObjects), the rewritten URL is not too different from a cookie HTTP header, as far as sniffing protection is concerned. Anyway, any site using cookies could explain why they do so, and send some explanatory comments. -- Georg