Online citations, reference lists, and bibliographies.

HTTP State Management Mechanism

A. Barth
Published 2011 · Computer Science

Cite This
Download PDF
Analyze on Scholarcy
Share
This document defines the HTTP Cookie and Set-Cookie headers. These headers can be used by HTTP servers to store state on HTTP user agents, letting the servers maintain a stateful session over the mostly stateless HTTP protocol. The cookie protocol has many historical infelicities that degrade its security and privacy. NOTE: If you have suggestions for improving the draft, please send email to http-state@ietf.org. Suggestions with test cases are especially appreciated.
This paper references



This paper is referenced by
10.1007/978-3-319-12226-7_2
Traditional Building Blocks of the Web
Philippe De Ryck (2014)
10.25777/1t52-wz02
Aggregating Private and Public Web Archives Using the Mementity Framework
M. R. Kelly (2019)
10.1007/978-3-319-31277-4_17
TooKie: A New Way to Secure Sessions
Peter Vörös (2016)
10.17487/RFC6455
The WebSocket Protocol
I. Fette (2011)
Application of mobile and Internet technologies for the investigation of human relationships with soundscapes
Charlie Mydlarz (2013)
10.1007/s12095-018-0280-y
Statistical attacks on cookie masking for RC4
Kenneth G. Paterson (2018)
Razpletanje sej spletnega strežnika
K. Berkovic (2016)
10.1109/SP.2010.35
On the Incoherencies in Web Browser Access Control Policies
K. Singh (2010)
En analyse knyttet til bruk av cookies.
Stine Hørthe (2012)
Analysis and prevention of security threats in web and cryptographic applications
M. Squarcina (2018)
10.1145/1866307.1866376
Protecting browsers from cross-origin CSS attacks
Lin-Shung Huang (2010)
10.1145/2872518.2888605
Longitudinal Study of the Use of Client-side Security Mechanisms on the European Web
Ping Chen (2016)
Organizational Domains and Use Policies for Domain Names
Casey T. Deccio (2016)
10.5479/ADS/bib/2017ivoa.spec.0524T
IVOA Recommendation: SSO - Single-Sign-On Profile: Authentication Mechanisms Version 2.0
G. Taffoni (2017)
10.1145/3129790.3129803
The relationship between the cost of cybercrime and web security posture: a case study on Belgian companies
Ping Chen (2017)
Evaluating & engineering: an approach for the development of secure web applications
Marianne Busch (2016)
Management and Processing of Vibration Data
Hamad Wisam Hussain (2013)
Mutual Authentication Protocol for HTTP draft-oiwa-http-mutualauth-12
Yutaka Oiwa (2012)
Internet Engineering Task Force (ietf) Http Strict Transport Security (hsts)
J. Hodges (2012)
10.1155/2019/9629034
A Server-Side JavaScript Security Architecture for Secure Integration of Third-Party Libraries
N. V. Ginkel (2019)
Sensor data transmission from a physical twin to a digital twin
Riku Ala-Laurinaho (2019)
Origin Cookies : Session Integrity for Web Applications
A. Bortz (2011)
Mobile Security Knowledge Area Issue 1 . 0
Sascha Fahl (2019)
10.1109/csf49147.2020.00016
Language-Based Web Session Integrity
S. Calzavara (2020)
10.25560/40922
An executable formal semantics of PHP with applications to program analysis
Daniele Filaretti (2015)
10.1007/978-3-030-29962-0_29
Testing for Integrity Flaws in Web Sessions
Stefano Calzavara (2019)
" handle " : " Alice " , " uid " : 22250 , " nonce
Lin-Shung Huang (2010)
10.17487/RFC7540
Hypertext Transfer Protocol Version 2 (HTTP/2)
Mike Belshe (2015)
Toward a Privacy Agent for Information Retrieval
Marc Ju (2013)
10.1007/978-3-319-64701-2_7
CookiesWall: Preventing Session Hijacking Attacks Using Client Side Proxy
Somanath Tripathy (2017)
10.1007/978-3-319-89641-0_11
Path Leaks of HTTPS Side-Channel by Cookie Injection
Fuqing Chen (2018)
Web Session Security: Formal Verification, Client-Side Enforcement and Experimental Analysis
Wilayat Khan (2015)
See more
Semantic Scholar Logo Some data provided by SemanticScholar