Which following information is wrong regarding to session and cookie?
A. Cookies are stored in user's browser.
B. Session are stored in server.
C. A cookie can keep information in users browser until deleted.
D. When a user close a browser, still session remains.
HTTP is a stateless protocol, which means that as soon as a page has been sent to the client and the connection is closed any data that has been stored is lost. As a developer, we often need a way of storing information across multiple pages of our web application. Here comes the terms session and cookies.
Several features of a cookie:
- Stored on the client computer and are thus decentralized.
- Can be set to a long lifespan and/or set to expire after a period of time from seconds to years.
- Limitations on size and number: A browser can keep only the last 20 cookies sent from a particular domain, and the values that a cookie can hold are limited to 4KB in size.
Several features of a session:
- Sessions can store very large amounts of data while regular cookies are limited in size.
- Sessions are much more secure than regular cookies since the data is stored on the server and cannot be edited by the user.
- Only lasts until the user closes their browser.
- Can be easily customized to store the information crated in the session to a database.