At 09:16 AM 1/25/98 -0800, Jim Gillogly wrote:

Heinz-Juergen Keller skribis:

...

Just a silly? question on cookies: What will happen if I just link cookies.txt to /dev/null ? Is there anything speaking against this solution?

Works fine on Unix and Linux systems if you're not a cookie fan: the remote sites think you've eaten their cookies, but you've merely frisbeed them into the bit bin.

It's better than telling Netscape you want to be asked: some sites set a dozen cookies per hit, seems like, and saying "no" to each gets immediately tedious. If you tell Netscape to reject them, some sites won't serve you the content. Setting the browser to accept everything and linking cookies.txt to /dev/null works well for me.

You can also make the cookie.txt file read only. Both of these options only make the cookies valid for the current session. They do not make them go away all together. Some of the site that cookie bomb do so out of ignorance. Old versions of Apache have such cookie bombing set by default. (They changed the name of the option soon after. The option was originally called "Mod_cookies" and people left it figuring that if they disabled it, they could not use cookies. Actually it is a method for tracking usage patterns within a site. The module was renamed to reflect that.) I am willing to bet that most of the sites that send cookies are not even using the data they provide. Few log file crunchers can make use of the cookie data from user tracking in any worthwhile manner. Any company that relies on cookies to hold onto membership information is foolish. (Cookie files only hold 300 entries. Surf enough and the membership infomation gets washed away with the tide.) Cookies are not needed for storefronts. There are better ways to accomplish the same thing. (There are CGI storefronts that save the information on files on the server, for instance.) I can understand why cookies were thought up in the first place. Much of cgi programming is overcoming the stateless nature of http. Unfortunatly, the idea was not thought out that well... --- | "That'll make it hot for them!" - Guy Grand | |"The moral PGP Diffie taught Zimmermann unites all| Disclaimer: | | mankind free in one-key-steganography-privacy!" | Ignore the man | |`finger -l alano@teleport.com` for PGP 2.6.2 key | behind the keyboard.| | http://www.ctrl-alt-del.com/~alan/ |alan@ctrl-alt-del.com|