Difference Between Cookies and Sessions
HTTP is a stateless protocol. This means that any temporary data sent by the server when the client receives the page, is destroyed when the connection is closed. Cookies and sessions are two solutions to this problem. The cookie is tiny information that is permanently present on the client machine through the website and sent back to the server each time a web page is requested. Session, on the other hand, is a way to store information directly on the server, and not on the client machine.
What are Cookies?
Netscape introduced the concept of cookies in their web browser Netscape Navigator. The cookie is a bit of information that is saved on the client machine through the website and it is sent back to the server each time a web page is requested. As the cookies are sent back each time, lesser amount of data must be saved each time, saving bandwidth. A website only reads the cookie written by it, thereby providing a safe way to store information across different web pages. However, cookies were not taken to at first; because people claimed that, the cookies could read all the information present on the hard disk. Obviously, this misconception is now resolved, and it is widely accepted that cookies are harmless. They are now accepted easily. Cookies have a set lifespan, as fixed by their creators; after this time, they expire. Cookie saves information such as how often the user visits a site, which is the time of the visits, what banners or icons or links have been clicked on, the preferences of the users, etc. Cookies are used to save information needed for a shorter time. If information such as e-mail addresses has to be retained, the programmer must use a database instead of cookies. However, if personal information is stored in cookies, then, for safety measures, encryption must be used.
What are Sessions?
The Session is another way to store information through web pages. However, this saving is done on the server side. The session uses a real server side and a customer side cookie to store data. The cookie on the client side only keeps a reference to the corresponding data stored on the server side. When a user goes to a site, the cookie on the client side (with a reference number), is sent to the server and the server uses this number to load the user data. The cookie on the server side can retain large amounts of data. Since the client side cookie retains only the number, frequency band is saved. Since the session data is stored in the server side, they are much more secure information.
What is the difference between cookies and sessions?