Online citations, reference lists, and bibliographies.

HTTP State Management Mechanism

A. Barth
Published 2011 · Computer Science

Cite This
Download PDF
Analyze on Scholarcy
This document defines the HTTP Cookie and Set-Cookie headers. These headers can be used by HTTP servers to store state on HTTP user agents, letting the servers maintain a stateful session over the mostly stateless HTTP protocol. The cookie protocol has many historical infelicities that degrade its security and privacy. NOTE: If you have suggestions for improving the draft, please send email to Suggestions with test cases are especially appreciated.
This paper references

This paper is referenced by
Traditional Building Blocks of the Web
Philippe De Ryck (2014)
Aggregating Private and Public Web Archives Using the Mementity Framework
M. R. Kelly (2019)
TooKie: A New Way to Secure Sessions
Peter Vörös (2016)
The WebSocket Protocol
I. Fette (2011)
Application of mobile and Internet technologies for the investigation of human relationships with soundscapes
Charlie Mydlarz (2013)
Statistical attacks on cookie masking for RC4
Kenneth G. Paterson (2018)
Razpletanje sej spletnega strežnika
K. Berkovic (2016)
On the Incoherencies in Web Browser Access Control Policies
K. Singh (2010)
En analyse knyttet til bruk av cookies.
Stine Hørthe (2012)
Analysis and prevention of security threats in web and cryptographic applications
M. Squarcina (2018)
Protecting browsers from cross-origin CSS attacks
Lin-Shung Huang (2010)
Longitudinal Study of the Use of Client-side Security Mechanisms on the European Web
Ping Chen (2016)
Organizational Domains and Use Policies for Domain Names
Casey T. Deccio (2016)
IVOA Recommendation: SSO - Single-Sign-On Profile: Authentication Mechanisms Version 2.0
G. Taffoni (2017)
The relationship between the cost of cybercrime and web security posture: a case study on Belgian companies
Ping Chen (2017)
Evaluating & engineering: an approach for the development of secure web applications
Marianne Busch (2016)
Management and Processing of Vibration Data
Hamad Wisam Hussain (2013)
Mutual Authentication Protocol for HTTP draft-oiwa-http-mutualauth-12
Yutaka Oiwa (2012)
Internet Engineering Task Force (ietf) Http Strict Transport Security (hsts)
J. Hodges (2012)
A Server-Side JavaScript Security Architecture for Secure Integration of Third-Party Libraries
N. V. Ginkel (2019)
Sensor data transmission from a physical twin to a digital twin
Riku Ala-Laurinaho (2019)
Origin Cookies : Session Integrity for Web Applications
A. Bortz (2011)
Mobile Security Knowledge Area Issue 1 . 0
Sascha Fahl (2019)
Language-Based Web Session Integrity
S. Calzavara (2020)
An executable formal semantics of PHP with applications to program analysis
Daniele Filaretti (2015)
Testing for Integrity Flaws in Web Sessions
Stefano Calzavara (2019)
" handle " : " Alice " , " uid " : 22250 , " nonce
Lin-Shung Huang (2010)
Hypertext Transfer Protocol Version 2 (HTTP/2)
Mike Belshe (2015)
Toward a Privacy Agent for Information Retrieval
Marc Ju (2013)
CookiesWall: Preventing Session Hijacking Attacks Using Client Side Proxy
Somanath Tripathy (2017)
Path Leaks of HTTPS Side-Channel by Cookie Injection
Fuqing Chen (2018)
Web Session Security: Formal Verification, Client-Side Enforcement and Experimental Analysis
Wilayat Khan (2015)
See more
Semantic Scholar Logo Some data provided by SemanticScholar