What are Session Cookies?
A session cookie, also sometimes known as a transient cookie, is stored in temporary memory and remains available for the duration of your active “session” within the browser. When you close your browser it is automatically removed from memory. On you next visit to the web site, you will not be recognised and will therefore be treated as a completely new person. This is because there is nothing in the browser to let the web site know you have previously visited.
This types of cookie can allow a web site to keep track of your movement from page to page within that web site during an active session. This helps ensure that a web page does not ask for the same information many times. This can be very beneficial to you as it negates the need to login multiple times as you navigate from one page to the next.
Session cookies do not collect information about the user, but typically store data in the form of a unique identifier that does not personally identify you. They are never written to the hard drive. Often they are set to become invalid after a time period of inactivity.
You can adjust them through the settings feature of your browser
Differences between session / regular cookies.
Regular Cookies | Session Cookies |
Stored in Browser | Stored in client side a temporary memory txt file not on the hard drive |
Easily blocked and deleted from browser | Blocking is easy, web browser deletes on close |
Size=4kb | Size=max of 4,096 bytes per domain |
Works in single browser | Work in active browser session only |
How do they work exactly?
It usually will store the information in the form of a txt file and the information from that specific browsing session creates a unique identifier that does not personally identify the user. The web browser will send back the unique identifier with each subsequent request and the cookie is stored which is associated with a unique identifier. This deletes once the session is closed.
Who uses them?
Most of the time they are used for shopping cart software, supplying the website the software for baskets and checkouts. Site customisation, Online forms, Cookies for using personalised answer tools, Cookies for using mobile services.
Purposes of using a session cookie.
The purpose is mainly to remember your activity within the website, it exists for the duration of your visit. For example many times it is used for shopping cart software of online applications so the software can remember your previous page information i.e. imagine buying a product online from a website and you enter your order for product A once you move around the website it still remembers your product A in the basket – this is one of the main purposes of a what a session is for.
Privacy Risk
This basic type of cookie is transient in nature there for it is removed from memory once the browser session comes to an end. This important factor helps to ensure that the privacy threat is minimal. No data will be stored about you or your activities. This type of cookie is short-term and used for current activities on the screen.
How to delete them?
Session cookies are to remember that you have made a selection or chosen preferences. They also help keep track of your progress so you don’t have to give the same information twice. They do not contain any personal information about you and they are automatically deleted when you leave the site.
Did you know
The Cookie List
Session
Sometimes known as a transient cookie, stored in temporary memory and remains available for the duration of your active “session” within the browser.
session cookie...Persistent
Also known as a stored cookie, it stores a file on your hard drive. The cookie would remain on the hard drive until it reaches its expiration date.
persistent cookie...Secure & HttpOnly
A secure cookie is just like a regular cookie, except it contains a special ‘HttpOnly’ flag that instructs the browser to restrict access to cookie data.
secure httponly cookie...Third-Party
Visit a web site, but have a cookie created by a completely different domain. This allows the third-party domain to track you i.e. Tracking Cookies
Third-Party Cookie...Super
Dangerous: Uses various techniques to resists deletion even when you clear your entire history they can remain hidden and reappear like a virus!
Super Cookie...Zombie
Dangerous: This is a cookie that can come back to life, hence the name Zombie. After it has been deleted it recreates itself.
Zombie Cookie...Ever
This is an example of a VERY persistent cookie. A cross between Super and Zombie types of cookie.
Ever Cookie...