In secure web applications, can I identify clients by cookies?
Sunday, 22 March 2026
by Jose Carvalho
The identification of clients in secure web applications is a central topic in web security and system design. Cookies, as a mechanism for maintaining state and storing client-specific information, are frequently employed for this purpose. However, using cookies for client identification involves a nuanced understanding of their capabilities, limitations, and associated security implications. Cookies as
- Published in Cybersecurity, EITC/IS/ACSS Advanced Computer Systems Security, Network security, Web security model
Tagged under:
Authentication, Cybersecurity, HTTP Cookies, Privacy, Session Management, Web Security
What is the purpose of the "httpOnly" attribute in HTTP cookies?
Saturday, 05 August 2023
by EITCA Academy
The "httpOnly" attribute in HTTP cookies serves a important purpose in enhancing the security of web applications. It is specifically designed to mitigate the risk of cookie theft and protect user data from being accessed or manipulated by malicious attackers. When a web server sends a cookie to a user's browser, it is typically stored