HTTP cookie (English Wikipedia)

Kristol, David M. (2001). "HTTP Cookies: Standards, Privacy, and Politics". ACM Transactions on Internet Technology. 1 (2). Association for Computing Machinery (ACM): 151–198. arXiv:cs/0105018. doi:10.1145/502152.502153. ISSN 1533-5399. S2CID 1848140.
Nouwens, Midas; Liccardi, Ilaria; Veale, Michael; Karger, David; Kagal, Lalana (21 April 2020). "Dark Patterns after the GDPR: Scraping Consent Pop-ups and Demonstrating their Influence". Proceedings of the 2020 CHI Conference on Human Factors in Computing Systems. Chi '20. Honolulu HI USA: ACM. pp. 1–13. arXiv:2001.02479. doi:10.1145/3313831.3376321. hdl:1721.1/129999. ISBN 978-1-4503-6708-0. S2CID 210064317.
Kampanos, Georgios; Shahandashti, Siamak F. (2021). "Accept All: The Landscape of Cookie Banners in Greece and the UK". ICT Systems Security and Privacy Protection. IFIP Advances in Information and Communication Technology. Vol. 625. Cham: Springer International Publishing. pp. 213–227. arXiv:2104.05750. doi:10.1007/978-3-030-78120-0_14. ISBN 978-3-030-78119-4. ISSN 1868-4238. S2CID 233219491.
Santos, Cristiana; Nouwens, Midas; Toth, Michael; Bielova, Nataliia; Roca, Vincent (2021), Gruschka, Nils; Antunes, Luís Filipe Coelho; Rannenberg, Kai; Drogkaris, Prokopios (eds.), "Consent Management Platforms Under the GDPR: Processors and/Or Controllers?", Privacy Technologies and Policy, Lecture Notes in Computer Science, vol. 12703, Cham: Springer International Publishing, pp. 47–69, arXiv:2104.06861, doi:10.1007/978-3-030-76663-4_3, ISBN 978-3-030-76662-7, S2CID 233231428, retrieved 6 June 2021
Dimova, Yana; Acar, Gunes; Olejnik, Lukasz; Joosen, Wouter; Van Goethem, Tom (5 March 2021). "The CNAME of the Game: Large-scale Analysis of DNS-based Tracking Evasion". arXiv:2102.09301 [cs.CR].

bbc.co.uk

"New net rules set to make cookies crumble". BBC. 8 March 2011. Archived from the original on 10 August 2018. Retrieved 21 June 2018.

brave.com

Brave (6 February 2020). "OK Google, don't delay real browser privacy until 2022". Brave Browser. Retrieved 24 July 2020.

catb.org

Raymond, Eric (ed.). "magic cookie". The Jargon File (version 4.4.7). Archived from the original on 6 September 2017. Retrieved 8 September 2017.

chromestatus.com

"'SameSite' cookie attribute, Chrome Platform tatus". Chromestatus.com. Archived from the original on 9 May 2016. Retrieved 23 April 2016.

chromium.org

blog.chromium.org

"SameSite Cookie Changes in February 2020: What You Need to Know". Chromium Blog. Retrieved 5 April 2021.
"Temporarily rolling back SameSite Cookie Changes". Chromium Blog. Retrieved 5 April 2021.
Schuh, Justin (28 May 2020). "Resuming SameSite Cookie Changes in July". Chromium Blog. Retrieved 18 February 2024.

cisco.com

"What are cookies? What are the differences between them (session vs. persistent)?". Cisco. 17 July 2018. 117925.

cnet.com

news.cnet.com

Vamosi, Robert (14 April 2008). "Gmail cookie stolen via Google Spreadsheets". News.cnet.com. Archived from the original on 9 December 2013. Retrieved 19 October 2017.
Whitney, Lance (26 May 2011). "Security researcher finds 'cookiejacking' risk in IE". CNET. Archived from the original on 14 June 2011. Retrieved 6 September 2019.

computerworld.com

Vijayan, Jaikumar (19 August 2011). "Microsoft disables 'supercookies' used on MSN.com visitors". Computerworld. Archived from the original on 27 November 2014. Retrieved 23 November 2014.

cookiecentral.com

Whalen, David (8 June 2002). "The Unofficial Cookie FAQ v2.6". Cookie Central. Archived from the original on 24 August 2011. Retrieved 4 January 2009.

direct.ca

mypage.direct.ca

"IE "default behaviors [sic]" browser information disclosure tests: clientCaps". Mypage.direct.ca. Archived from the original on 5 June 2011. Retrieved 28 January 2010.

doi.org

Kristol, David M. (2001). "HTTP Cookies: Standards, Privacy, and Politics". ACM Transactions on Internet Technology. 1 (2). Association for Computing Machinery (ACM): 151–198. arXiv:cs/0105018. doi:10.1145/502152.502153. ISSN 1533-5399. S2CID 1848140.
RFC 2109. sec. 8.3. doi:10.17487/RFC2109.
Bugliesi, Michele; Calzavara, Stefano; Focardi, Riccardo; Khan, Wilayat (16 September 2015). "CookiExt: Patching the browser against session hijacking attacks". Journal of Computer Security. 23 (4): 509–537. doi:10.3233/JCS-150529. hdl:10278/3663357.
Lee, Wei-Bin; Chen, Hsing-Bai; Chang, Shun-Shyan; Chen, Tzung-Her (25 January 2019). "Secure and efficient protection for HTTP cookies with self-verification". International Journal of Communication Systems. 32 (2): e3857. doi:10.1002/dac.3857. S2CID 59524143.
HTTP State Management Mechanism. doi:10.17487/RFC6265. RFC 6265.
Barth, A. HTTP State Management Mechanism, The Path Attribute. sec. 4.1.2.4. doi:10.17487/RFC6265. RFC 6265.
Barth, A. (March 2014). RFC 6265, HTTP State Management Mechanism, Domain matching. sec. 5.1.3. doi:10.17487/RFC6265. RFC 6265.
Barth, A. (March 2014). RFC 6265, HTTP State Management Mechanism, The Domain Attribute. sec. 4.1.2.3. doi:10.17487/RFC6265. RFC 6265.
Kristol, D.; Montulli, L. (March 2014). RFC 2109, HTTP State Management Mechanism, Set-Cookie syntax. sec. 4.2.2. doi:10.17487/RFC2109. S2CID 6914676. RFC 2109.
Barth, A. (2011). RFC 6265, HTTP State Management Mechanism. sec. 5.1.1. doi:10.17487/RFC6265. RFC 6265.
Veale, Michael; Zuiderveen Borgesius, Frederik (1 April 2021), Adtech and Real-Time Bidding under European Data Protection Law, doi:10.31235/osf.io/wg8fq, hdl:2066/253518, S2CID 243311598
Zuiderveen Borgesius, Frederik J. (August 2015). "Personal data processing for behavioural targeting: which legal basis?". International Data Privacy Law. 5 (3): 163–176. doi:10.1093/idpl/ipv011. ISSN 2044-3994.
Nouwens, Midas; Liccardi, Ilaria; Veale, Michael; Karger, David; Kagal, Lalana (21 April 2020). "Dark Patterns after the GDPR: Scraping Consent Pop-ups and Demonstrating their Influence". Proceedings of the 2020 CHI Conference on Human Factors in Computing Systems. Chi '20. Honolulu HI USA: ACM. pp. 1–13. arXiv:2001.02479. doi:10.1145/3313831.3376321. hdl:1721.1/129999. ISBN 978-1-4503-6708-0. S2CID 210064317.
Kampanos, Georgios; Shahandashti, Siamak F. (2021). "Accept All: The Landscape of Cookie Banners in Greece and the UK". ICT Systems Security and Privacy Protection. IFIP Advances in Information and Communication Technology. Vol. 625. Cham: Springer International Publishing. pp. 213–227. arXiv:2104.05750. doi:10.1007/978-3-030-78120-0_14. ISBN 978-3-030-78119-4. ISSN 1868-4238. S2CID 233219491.
Santos, Cristiana; Nouwens, Midas; Toth, Michael; Bielova, Nataliia; Roca, Vincent (2021), Gruschka, Nils; Antunes, Luís Filipe Coelho; Rannenberg, Kai; Drogkaris, Prokopios (eds.), "Consent Management Platforms Under the GDPR: Processors and/Or Controllers?", Privacy Technologies and Policy, Lecture Notes in Computer Science, vol. 12703, Cham: Springer International Publishing, pp. 47–69, arXiv:2104.06861, doi:10.1007/978-3-030-76663-4_3, ISBN 978-3-030-76662-7, S2CID 233231428, retrieved 6 June 2021
Zuiderveen Borgesius, F.J.; Kruikemeier, S.; C Boerman, S.; Helberger, N. (2017). "Tracking Walls, Take-It-Or-Leave-It Choices, the GDPR, and the ePrivacy Regulation". European Data Protection Law Review. 3 (3): 353–368. doi:10.21552/edpl/2017/3/9. hdl:11245.1/dfb59b54-0544-4c65-815a-640eae10668a.

dominopower.com

"Where cookie comes from :: DominoPower". dominopower.com. Archived from the original on 19 October 2017. Retrieved 19 October 2017.

edbrowse.org

The edbrowse documentation version 3.5 said "Note that only Netscape-style cookies are supported. However, this is the most common flavor of cookie. It will probably meet your needs." This paragraph was removed in later versions of the documentation Archived 2017-03-16 at the Wayback Machine further to RFC 2965's deprecation.

eff.org

panopticlick.eff.org

Eckersley, Peter (17 May 2010). "How Unique Is Your Web Browser?" (PDF). eff.org. Electronic Frontier Foundation. Archived from the original (PDF) on 15 October 2014. Retrieved 23 July 2014.

espacenet.com

worldwide.espacenet.com

US 5774670, Montulli, Lou, "Persistent client state in a hypertext transfer protocol based client-server system", published 1998-06-30, assigned to Netscape Communications Corp.

europa.eu

eur-lex.europa.eu

"EUR-Lex - 62017CN0673 - EN - EUR-Lex". eur-lex.europa.eu. Retrieved 6 June 2021.
"EUR-Lex - 32016R0679 - EN - EUR-Lex". eur-lex.europa.eu. Retrieved 6 June 2021.
"EUR-Lex - 62017CC0040 - EN - EUR-Lex". eur-lex.europa.eu. Retrieved 6 June 2021.

edpb.europa.eu

"Guidelines 05/2020 on consent under Regulation 2016/679 | European Data Protection Board". edpb.europa.eu. Retrieved 6 June 2021.

gbiv.com

roy.gbiv.com

Fielding, Roy (2000). "Fielding Dissertation: CHAPTER 6: Experience and Evaluation". Archived from the original on 27 April 2011. Retrieved 14 October 2010.

gemal.dk

"BrowserSpy". gemal.dk. Archived from the original on 26 September 2008. Retrieved 28 January 2010.

github.com

"Require "Secure" for "SameSite=None". by miketaylr · Pull Request #1323 · httpwg/http-extensions". GitHub. Retrieved 5 April 2021.

google.com

"Clear Personal Information : Clear browsing data". Google Chrome Help. Archived from the original on 11 March 2009. Retrieved 4 January 2009.
"Clear Personal Information: Delete cookies". Google Chrome Help. Archived from the original on 11 March 2009. Retrieved 4 January 2009.

groups.google.com

"Usenet Post by Marc Andreessen: Here it is, world!". 13 October 1994. Archived from the original on 27 April 2011. Retrieved 22 May 2010.

handle.net

hdl.handle.net

Bugliesi, Michele; Calzavara, Stefano; Focardi, Riccardo; Khan, Wilayat (16 September 2015). "CookiExt: Patching the browser against session hijacking attacks". Journal of Computer Security. 23 (4): 509–537. doi:10.3233/JCS-150529. hdl:10278/3663357.
Veale, Michael; Zuiderveen Borgesius, Frederik (1 April 2021), Adtech and Real-Time Bidding under European Data Protection Law, doi:10.31235/osf.io/wg8fq, hdl:2066/253518, S2CID 243311598
Nouwens, Midas; Liccardi, Ilaria; Veale, Michael; Karger, David; Kagal, Lalana (21 April 2020). "Dark Patterns after the GDPR: Scraping Consent Pop-ups and Demonstrating their Influence". Proceedings of the 2020 CHI Conference on Human Factors in Computing Systems. Chi '20. Honolulu HI USA: ACM. pp. 1–13. arXiv:2001.02479. doi:10.1145/3313831.3376321. hdl:1721.1/129999. ISBN 978-1-4503-6708-0. S2CID 210064317.
Zuiderveen Borgesius, F.J.; Kruikemeier, S.; C Boerman, S.; Helberger, N. (2017). "Tracking Walls, Take-It-Or-Leave-It Choices, the GDPR, and the ePrivacy Regulation". European Data Protection Law Review. 3 (3): 353–368. doi:10.21552/edpl/2017/3/9. hdl:11245.1/dfb59b54-0544-4c65-815a-640eae10668a.

howtogeek.com

Hoffman, Chris (28 September 2016). "What Is a Browser Cookie?". How-To Geek. Retrieved 3 April 2021.

ico.gov.uk

Privacy and Electronic Communications Regulations. Information Commissioner's Office. 2012. Archived from the original on 30 October 2012. Retrieved 31 October 2012.

ico.org.uk

"Cookies and similar technologies". ico.org.uk. 1 January 2021. Retrieved 6 June 2021.

cy.ico.org.uk

Information Commissioner's Office (2019). Update Report into Adtech and Real Time Bidding (PDF).

ietf.org

datatracker.ietf.org

RFC 2109. sec. 8.3. doi:10.17487/RFC2109.
West, Mike; Wilander, John (7 December 2020). Cookies: HTTP State Management Mechanism (Report). Internet Engineering Task Force.
HTTP State Management Mechanism. doi:10.17487/RFC6265. RFC 6265.
Barth, A. HTTP State Management Mechanism, The Path Attribute. sec. 4.1.2.4. doi:10.17487/RFC6265. RFC 6265.
Barth, A. (March 2014). RFC 6265, HTTP State Management Mechanism, Domain matching. sec. 5.1.3. doi:10.17487/RFC6265. RFC 6265.
Barth, A. (March 2014). RFC 6265, HTTP State Management Mechanism, The Domain Attribute. sec. 4.1.2.3. doi:10.17487/RFC6265. RFC 6265.
Kristol, D.; Montulli, L. (March 2014). RFC 2109, HTTP State Management Mechanism, Set-Cookie syntax. sec. 4.2.2. doi:10.17487/RFC2109. S2CID 6914676. RFC 2109.
Barth, A. (2011). RFC 6265, HTTP State Management Mechanism. sec. 5.1.1. doi:10.17487/RFC6265. RFC 6265.

tools.ietf.org

Goodwin, M.; West (20 June 2016). "Same-Site Cookies draft-ietf-httpbis-cookie-same-site-00". Ietf Datatracker. Archived from the original on 16 August 2016. Retrieved 28 July 2016.

infoq.com

Tilkov, Stefan (2 July 2008). "REST Anti-Patterns". InfoQ. Archived from the original on 23 December 2008. Retrieved 4 January 2009.

inikulin.github.io

"Cookies specification compatibility in modern browsers". inikulin.github.io. 2016. Archived from the original on 2 October 2016. Retrieved 30 September 2016.

jisclegal.ac.uk

"EU Cookie Directive, Directive 2009/136/EC". JISC Legal Information. Archived from the original on 18 December 2012. Retrieved 31 October 2012.

lambdatest.com

"Browser Compatibility Testing of 'SameSite' cookie attribute".

legifrance.gouv.fr

"Délibération n° 2019-093 du 4 juillet 2019 portant adoption de lignes directrices relatives à l'application de l'article 82 de la loi du 6 janvier 1978 modifiée aux opérations de lecture ou écriture dans le terminal d'un utilisateur (notamment aux cookies et autres traceurs) (rectificatif)". www.legifrance.gouv.fr. Retrieved 6 June 2021.

lexxion.eu

edpl.lexxion.eu

Zuiderveen Borgesius, F.J.; Kruikemeier, S.; C Boerman, S.; Helberger, N. (2017). "Tracking Walls, Take-It-Or-Leave-It Choices, the GDPR, and the ePrivacy Regulation". European Data Protection Law Review. 3 (3): 353–368. doi:10.21552/edpl/2017/3/9. hdl:11245.1/dfb59b54-0544-4c65-815a-640eae10668a.

manicode.blogspot.it

Jim Manico quoting Daniel Stenberg, Real world cookie length limits Archived 2013-07-02 at the Wayback Machine

medra.org

Bugliesi, Michele; Calzavara, Stefano; Focardi, Riccardo; Khan, Wilayat (16 September 2015). "CookiExt: Patching the browser against session hijacking attacks". Journal of Computer Security. 23 (4): 509–537. doi:10.3233/JCS-150529. hdl:10278/3663357.

microsoft.com

msdn.microsoft.com

"Maintaining session state with cookies". Microsoft Developer Network. Archived from the original on 14 October 2012. Retrieved 22 October 2012.
"Introduction to Persistence". microsoft.com. Microsoft. Archived from the original on 11 January 2015. Retrieved 9 October 2014.
"Isolated Storage". Microsoft.com. Archived from the original on 16 December 2014. Retrieved 9 October 2014.

support.microsoft.com

"Description of Persistent and Per-Session Cookies in Internet Explorer". support.microsoft.com. 24 January 2007. Archived from the original on 25 September 2011.
"How to Manage Cookies in Internet Explorer 6". Microsoft. 18 December 2007. Archived from the original on 28 December 2008. Retrieved 4 January 2009.

microsoft.com

Hardmeier, Sandi (25 August 2005). "The history of Internet Explorer". Microsoft. Archived from the original on 1 October 2005. Retrieved 4 January 2009.

msdn2.microsoft.com

"Cookie Property". MSDN. Microsoft. Archived from the original on 5 April 2008. Retrieved 4 January 2009.

blogs.msdn.microsoft.com

"Internet Explorer Cookie Internals (FAQ)". 21 November 2018.

mozilla.com

support.mozilla.com

"Clearing private data". Firefox Support Knowledge base. Mozilla. 16 September 2008. Archived from the original on 3 January 2009. Retrieved 4 January 2009.

mozilla.org

developer.mozilla.org

"Set-Cookie2 - HTTP | MDN". developer.mozilla.org. Retrieved 8 March 2021.
"Window.sessionStorage, Web APIs | MDN". developer.mozilla.org. Archived from the original on 28 September 2015. Retrieved 2 October 2015.

blog.mozilla.org

Englehardt, Steven; Edelstein, Arthur (26 January 2021). "Firefox 85 Cracks Down on Supercookies". Mozilla Security Blog. Archived from the original on 25 February 2024.

mrcoles.com

Coles, Peter. "HTTP Cookies: What's the difference between Max-age and Expires? – Peter Coles". Mrcoles.com. Archived from the original on 29 July 2016. Retrieved 28 July 2016.

netscape.com

wp.netscape.com

"Press Release: Netscape Communications Offers New Network Navigator Free On The Internet". Archived from the original on 7 December 2006. Retrieved 22 May 2010.
"Persistent client state HTTP cookies: Preliminary specification". Netscape. c. 1999. Archived from the original on 5 August 2007.

netsparker.com

"Using the Same-Site Cookie Attribute to Prevent CSRF Attacks". www.netsparker.com. 23 August 2016. Retrieved 5 April 2021.

nytimes.com

Schwartz, John (4 September 2001). "Giving Web a Memory Cost Its Users Privacy". The New York Times. Archived from the original on 18 November 2011. Retrieved 19 February 2017.
"Spy Agency Removes Illegal Tracking Files". New York Times. 29 December 2005. Archived from the original on 12 November 2011. Retrieved 19 February 2017.

bits.blogs.nytimes.com

"A Loophole Big Enough for a Cookie to Fit Through". Bits. The New York Times. 17 September 2010. Archived from the original on 26 January 2013. Retrieved 31 January 2013.

osf.io

Veale, Michael; Zuiderveen Borgesius, Frederik (1 April 2021), Adtech and Real-Time Bidding under European Data Protection Law, doi:10.31235/osf.io/wg8fq, hdl:2066/253518, S2CID 243311598

propublica.org

Angwin, Julia; Tigas, Mike (14 January 2015). "Zombie Cookie: The Tracking Cookie That You Can't Kill". ProPublica. Retrieved 1 November 2020.

proquest.com

search.proquest.com

Peng, Weihong; Cisna, Jennifer (2000). "HTTP Cookies, A Promising Technology". ProQuest. Online Information Review. ProQuest 194487945.

publicsuffix.org

"Learn more about the Public Suffix List". Publicsuffix.org. Archived from the original on 14 May 2016. Retrieved 28 July 2016.

reuters.com

Finkle, Jim (25 May 2011). "Microsoft latest security risk: 'Cookiejacking'". Reuters. Archived from the original on 30 May 2011. Retrieved 26 May 2011.

semanticscholar.org

api.semanticscholar.org

Kristol, David M. (2001). "HTTP Cookies: Standards, Privacy, and Politics". ACM Transactions on Internet Technology. 1 (2). Association for Computing Machinery (ACM): 151–198. arXiv:cs/0105018. doi:10.1145/502152.502153. ISSN 1533-5399. S2CID 1848140.
Lee, Wei-Bin; Chen, Hsing-Bai; Chang, Shun-Shyan; Chen, Tzung-Her (25 January 2019). "Secure and efficient protection for HTTP cookies with self-verification". International Journal of Communication Systems. 32 (2): e3857. doi:10.1002/dac.3857. S2CID 59524143.
Kristol, D.; Montulli, L. (March 2014). RFC 2109, HTTP State Management Mechanism, Set-Cookie syntax. sec. 4.2.2. doi:10.17487/RFC2109. S2CID 6914676. RFC 2109.
Veale, Michael; Zuiderveen Borgesius, Frederik (1 April 2021), Adtech and Real-Time Bidding under European Data Protection Law, doi:10.31235/osf.io/wg8fq, hdl:2066/253518, S2CID 243311598
Nouwens, Midas; Liccardi, Ilaria; Veale, Michael; Karger, David; Kagal, Lalana (21 April 2020). "Dark Patterns after the GDPR: Scraping Consent Pop-ups and Demonstrating their Influence". Proceedings of the 2020 CHI Conference on Human Factors in Computing Systems. Chi '20. Honolulu HI USA: ACM. pp. 1–13. arXiv:2001.02479. doi:10.1145/3313831.3376321. hdl:1721.1/129999. ISBN 978-1-4503-6708-0. S2CID 210064317.
Kampanos, Georgios; Shahandashti, Siamak F. (2021). "Accept All: The Landscape of Cookie Banners in Greece and the UK". ICT Systems Security and Privacy Protection. IFIP Advances in Information and Communication Technology. Vol. 625. Cham: Springer International Publishing. pp. 213–227. arXiv:2104.05750. doi:10.1007/978-3-030-78120-0_14. ISBN 978-3-030-78119-4. ISSN 1868-4238. S2CID 233219491.
Santos, Cristiana; Nouwens, Midas; Toth, Michael; Bielova, Nataliia; Roca, Vincent (2021), Gruschka, Nils; Antunes, Luís Filipe Coelho; Rannenberg, Kai; Drogkaris, Prokopios (eds.), "Consent Management Platforms Under the GDPR: Processors and/Or Controllers?", Privacy Technologies and Policy, Lecture Notes in Computer Science, vol. 12703, Cham: Springer International Publishing, pp. 47–69, arXiv:2104.06861, doi:10.1007/978-3-030-76663-4_3, ISBN 978-3-030-76662-7, S2CID 233231428, retrieved 6 June 2021

springer.com

link.springer.com

Santos, Cristiana; Nouwens, Midas; Toth, Michael; Bielova, Nataliia; Roca, Vincent (2021), Gruschka, Nils; Antunes, Luís Filipe Coelho; Rannenberg, Kai; Drogkaris, Prokopios (eds.), "Consent Management Platforms Under the GDPR: Processors and/Or Controllers?", Privacy Technologies and Policy, Lecture Notes in Computer Science, vol. 12703, Cham: Springer International Publishing, pp. 47–69, arXiv:2104.06861, doi:10.1007/978-3-030-76663-4_3, ISBN 978-3-030-76662-7, S2CID 233231428, retrieved 6 June 2021

ssrn.com

papers.ssrn.com

Kesan, Jey; Shah, Rajiv (19 August 2018). "Deconstructing Code". Yale Journal of Law and Technology. 6: 277–389. SSRN 597543.

stanford.edu

cyberlaw.stanford.edu

Mayer, Jonathan (19 August 2011). "Tracking the Trackers: Microsoft Advertising". The Center for Internet and Society. Archived from the original on 26 September 2011. Retrieved 28 September 2011.

symantec.com

eval.symantec.com

Symantec Internet Security Threat Report: Trends for July–December 2007 (Executive Summary) (PDF) (Report). Vol. XIII. Symantec Corp. April 2008. pp. 1–3. Archived (PDF) from the original on 25 June 2008. Retrieved 11 May 2008.

theregister.com

Francisco, Thomas Claburn in San. "What's CNAME of your game? This DNS-based tracking defies your browser privacy defenses". www.theregister.com. Retrieved 6 June 2021.

thesecuritypractice.com

Hodges, Jeff; Corry, Bil (6 March 2011). "'HTTP State Management Mechanism' to Proposed Standard". The Security Practice. Archived from the original on 7 August 2016. Retrieved 17 June 2016.

theverge.com

Statt, Nick (24 March 2020). "Apple updates Safari's anti-tracking tech with full third-party cookie blocking". The Verge. Retrieved 24 July 2020.

venturebeat.com

"Firefox starts blocking third-party cookies by default". VentureBeat. 4 June 2019. Retrieved 24 July 2020.
Protalinski, Emil (19 May 2020). "Chrome 83 arrives with redesigned security settings, third-party cookies blocked in Incognito". VentureBeat. Retrieved 25 June 2020.

w3.org

"P3P: The Platform for Privacy Preferences". W3C. Retrieved 15 October 2021.

washington.edu

staff.washington.edu

"Setting Cookies". staff.washington.edu. 19 June 2009. Archived from the original on 16 March 2017. Retrieved 15 March 2017.

washingtonpost.com

Pegoraro, Rob (17 July 2005). "How to Block Tracking Cookies". Washington Post. p. F07. Archived from the original on 27 April 2011. Retrieved 4 January 2009.

web.archive.org

Vamosi, Robert (14 April 2008). "Gmail cookie stolen via Google Spreadsheets". News.cnet.com. Archived from the original on 9 December 2013. Retrieved 19 October 2017.
"What about the "EU Cookie Directive"?". WebCookies.org. 2013. Archived from the original on 11 October 2017. Retrieved 19 October 2017.
"New net rules set to make cookies crumble". BBC. 8 March 2011. Archived from the original on 10 August 2018. Retrieved 21 June 2018.
"Sen. Rockefeller: Get Ready for a Real Do-Not-Track Bill for Online Advertising". Adage.com. 6 May 2011. Archived from the original on 24 August 2011. Retrieved 2 June 2011.
"Where cookie comes from :: DominoPower". dominopower.com. Archived from the original on 19 October 2017. Retrieved 19 October 2017.
Raymond, Eric (ed.). "magic cookie". The Jargon File (version 4.4.7). Archived from the original on 6 September 2017. Retrieved 8 September 2017.
Schwartz, John (4 September 2001). "Giving Web a Memory Cost Its Users Privacy". The New York Times. Archived from the original on 18 November 2011. Retrieved 19 February 2017.
"Press Release: Netscape Communications Offers New Network Navigator Free On The Internet". Archived from the original on 7 December 2006. Retrieved 22 May 2010.
"Usenet Post by Marc Andreessen: Here it is, world!". 13 October 1994. Archived from the original on 27 April 2011. Retrieved 22 May 2010.
Hardmeier, Sandi (25 August 2005). "The history of Internet Explorer". Microsoft. Archived from the original on 1 October 2005. Retrieved 4 January 2009.
"Setting Cookies". staff.washington.edu. 19 June 2009. Archived from the original on 16 March 2017. Retrieved 15 March 2017.
The edbrowse documentation version 3.5 said "Note that only Netscape-style cookies are supported. However, this is the most common flavor of cookie. It will probably meet your needs." This paragraph was removed in later versions of the documentation Archived 2017-03-16 at the Wayback Machine further to RFC 2965's deprecation.
Hodges, Jeff; Corry, Bil (6 March 2011). "'HTTP State Management Mechanism' to Proposed Standard". The Security Practice. Archived from the original on 7 August 2016. Retrieved 17 June 2016.
"Description of Persistent and Per-Session Cookies in Internet Explorer". support.microsoft.com. 24 January 2007. Archived from the original on 25 September 2011.
"Maintaining session state with cookies". Microsoft Developer Network. Archived from the original on 14 October 2012. Retrieved 22 October 2012.
"'SameSite' cookie attribute, Chrome Platform tatus". Chromestatus.com. Archived from the original on 9 May 2016. Retrieved 23 April 2016.
Goodwin, M.; West (20 June 2016). "Same-Site Cookies draft-ietf-httpbis-cookie-same-site-00". Ietf Datatracker. Archived from the original on 16 August 2016. Retrieved 28 July 2016.
"Learn more about the Public Suffix List". Publicsuffix.org. Archived from the original on 14 May 2016. Retrieved 28 July 2016.
Mayer, Jonathan (19 August 2011). "Tracking the Trackers: Microsoft Advertising". The Center for Internet and Society. Archived from the original on 26 September 2011. Retrieved 28 September 2011.
Vijayan, Jaikumar (19 August 2011). "Microsoft disables 'supercookies' used on MSN.com visitors". Computerworld. Archived from the original on 27 November 2014. Retrieved 23 November 2014.
Englehardt, Steven; Edelstein, Arthur (26 January 2021). "Firefox 85 Cracks Down on Supercookies". Mozilla Security Blog. Archived from the original on 25 February 2024.
Jim Manico quoting Daniel Stenberg, Real world cookie length limits Archived 2013-07-02 at the Wayback Machine
"Persistent client state HTTP cookies: Preliminary specification". Netscape. c. 1999. Archived from the original on 5 August 2007.
"Cookie Property". MSDN. Microsoft. Archived from the original on 5 April 2008. Retrieved 4 January 2009.
Shannon, Ross (26 February 2007). "Cookies, Set and retrieve information about your readers". HTMLSource. Archived from the original on 24 August 2011. Retrieved 4 January 2009.
"Cookies specification compatibility in modern browsers". inikulin.github.io. 2016. Archived from the original on 2 October 2016. Retrieved 30 September 2016.
Coles, Peter. "HTTP Cookies: What's the difference between Max-age and Expires? – Peter Coles". Mrcoles.com. Archived from the original on 29 July 2016. Retrieved 28 July 2016.
Symantec Internet Security Threat Report: Trends for July–December 2007 (Executive Summary) (PDF) (Report). Vol. XIII. Symantec Corp. April 2008. pp. 1–3. Archived (PDF) from the original on 25 June 2008. Retrieved 11 May 2008.
Whalen, David (8 June 2002). "The Unofficial Cookie FAQ v2.6". Cookie Central. Archived from the original on 24 August 2011. Retrieved 4 January 2009.
"How to Manage Cookies in Internet Explorer 6". Microsoft. 18 December 2007. Archived from the original on 28 December 2008. Retrieved 4 January 2009.
"Clearing private data". Firefox Support Knowledge base. Mozilla. 16 September 2008. Archived from the original on 3 January 2009. Retrieved 4 January 2009.
"Clear Personal Information : Clear browsing data". Google Chrome Help. Archived from the original on 11 March 2009. Retrieved 4 January 2009.
"Clear Personal Information: Delete cookies". Google Chrome Help. Archived from the original on 11 March 2009. Retrieved 4 January 2009.
"Third party domains". WebCookies.org. Archived from the original on 9 December 2014. Retrieved 7 December 2014.
"Number of cookies". WebCookies.org. Archived from the original on 9 December 2014. Retrieved 7 December 2014.
"Spy Agency Removes Illegal Tracking Files". New York Times. 29 December 2005. Archived from the original on 12 November 2011. Retrieved 19 February 2017.
"EU Cookie Directive, Directive 2009/136/EC". JISC Legal Information. Archived from the original on 18 December 2012. Retrieved 31 October 2012.
Privacy and Electronic Communications Regulations. Information Commissioner's Office. 2012. Archived from the original on 30 October 2012. Retrieved 31 October 2012.
"EU cookie law: stop whining and just get on with it". Wired UK. 24 May 2012. Archived from the original on 15 November 2012. Retrieved 31 October 2012.
"A Loophole Big Enough for a Cookie to Fit Through". Bits. The New York Times. 17 September 2010. Archived from the original on 26 January 2013. Retrieved 31 January 2013.
Pegoraro, Rob (17 July 2005). "How to Block Tracking Cookies". Washington Post. p. F07. Archived from the original on 27 April 2011. Retrieved 4 January 2009.
Zetter, Kim (23 March 2011). "Hack Obtains 9 Bogus Certificates for Prominent Websites; Traced to Iran - Threat Level - Wired.com". Threat Level. Archived from the original on 26 March 2014.{{cite web}}: CS1 maint: unfit URL (link)
Finkle, Jim (25 May 2011). "Microsoft latest security risk: 'Cookiejacking'". Reuters. Archived from the original on 30 May 2011. Retrieved 26 May 2011.
Whitney, Lance (26 May 2011). "Security researcher finds 'cookiejacking' risk in IE". CNET. Archived from the original on 14 June 2011. Retrieved 6 September 2019.
Fielding, Roy (2000). "Fielding Dissertation: CHAPTER 6: Experience and Evaluation". Archived from the original on 27 April 2011. Retrieved 14 October 2010.
Tilkov, Stefan (2 July 2008). "REST Anti-Patterns". InfoQ. Archived from the original on 23 December 2008. Retrieved 4 January 2009.
"BrowserSpy". gemal.dk. Archived from the original on 26 September 2008. Retrieved 28 January 2010.
"IE "default behaviors [sic]" browser information disclosure tests: clientCaps". Mypage.direct.ca. Archived from the original on 5 June 2011. Retrieved 28 January 2010.
Eckersley, Peter (17 May 2010). "How Unique Is Your Web Browser?" (PDF). eff.org. Electronic Frontier Foundation. Archived from the original (PDF) on 15 October 2014. Retrieved 23 July 2014.
"Window.sessionStorage, Web APIs | MDN". developer.mozilla.org. Archived from the original on 28 September 2015. Retrieved 2 October 2015.
"Introduction to Persistence". microsoft.com. Microsoft. Archived from the original on 11 January 2015. Retrieved 9 October 2014.
"Isolated Storage". Microsoft.com. Archived from the original on 16 December 2014. Retrieved 9 October 2014.

webcookies.org

"What about the "EU Cookie Directive"?". WebCookies.org. 2013. Archived from the original on 11 October 2017. Retrieved 19 October 2017.
"Third party domains". WebCookies.org. Archived from the original on 9 December 2014. Retrieved 7 December 2014.
"Number of cookies". WebCookies.org. Archived from the original on 9 December 2014. Retrieved 7 December 2014.

wiley.com

onlinelibrary.wiley.com

Lee, Wei-Bin; Chen, Hsing-Bai; Chang, Shun-Shyan; Chen, Tzung-Her (25 January 2019). "Secure and efficient protection for HTTP cookies with self-verification". International Journal of Communication Systems. 32 (2): e3857. doi:10.1002/dac.3857. S2CID 59524143.

wired.co.uk

"EU cookie law: stop whining and just get on with it". Wired UK. 24 May 2012. Archived from the original on 15 November 2012. Retrieved 31 October 2012.

worldcat.org

Kristol, David M. (2001). "HTTP Cookies: Standards, Privacy, and Politics". ACM Transactions on Internet Technology. 1 (2). Association for Computing Machinery (ACM): 151–198. arXiv:cs/0105018. doi:10.1145/502152.502153. ISSN 1533-5399. S2CID 1848140.
Zuiderveen Borgesius, Frederik J. (August 2015). "Personal data processing for behavioural targeting: which legal basis?". International Data Privacy Law. 5 (3): 163–176. doi:10.1093/idpl/ipv011. ISSN 2044-3994.
Kampanos, Georgios; Shahandashti, Siamak F. (2021). "Accept All: The Landscape of Cookie Banners in Greece and the UK". ICT Systems Security and Privacy Protection. IFIP Advances in Information and Communication Technology. Vol. 625. Cham: Springer International Publishing. pp. 213–227. arXiv:2104.05750. doi:10.1007/978-3-030-78120-0_14. ISBN 978-3-030-78119-4. ISSN 1868-4238. S2CID 233219491.

yourhtmlsource.com

Shannon, Ross (26 February 2007). "Cookies, Set and retrieve information about your readers". HTMLSource. Archived from the original on 24 August 2011. Retrieved 4 January 2009.