惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

宝玉的分享
宝玉的分享
酷 壳 – CoolShell
酷 壳 – CoolShell
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
S
Security @ Cisco Blogs
小众软件
小众软件
D
Docker
博客园_首页
A
About on SuperTechFans
P
Privacy International News Feed
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
A
Arctic Wolf
Spread Privacy
Spread Privacy
有赞技术团队
有赞技术团队
T
Tailwind CSS Blog
Latest news
Latest news
WordPress大学
WordPress大学
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
T
The Exploit Database - CXSecurity.com
C
Cybersecurity and Infrastructure Security Agency CISA
大猫的无限游戏
大猫的无限游戏
cs.CV updates on arXiv.org
cs.CV updates on arXiv.org
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
K
Kaspersky official blog
V2EX - 技术
V2EX - 技术
SecWiki News
SecWiki News
U
Unit 42
GbyAI
GbyAI
H
Hackread – Cybersecurity News, Data Breaches, AI and More
L
LINUX DO - 热门话题
S
Security Affairs
Y
Y Combinator Blog
aimingoo的专栏
aimingoo的专栏
Blog — PlanetScale
Blog — PlanetScale
MongoDB | Blog
MongoDB | Blog
博客园 - 【当耐特】
The GitHub Blog
The GitHub Blog
T
Tenable Blog
W
WeLiveSecurity
Cloudbric
Cloudbric
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
G
Google Developers Blog
Application and Cybersecurity Blog
Application and Cybersecurity Blog
N
Netflix TechBlog - Medium
F
Full Disclosure
N
News and Events Feed by Topic
D
DataBreaches.Net
P
Proofpoint News Feed
B
Blog RSS Feed
B
Blog
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org

Vercel News

Vercel Open Source Program: Winter 2026 cohort How Notion Workers run untrusted code at scale with Vercel Sandbox How we run Vercel's CDN in front of Discourse From idea to secure checkout in minutes with Stripe Building Slack agents can be easy Scaling redirects to infinity on Vercel Advancing Python typing Gamma builds design-first agents with Vercel How Avalara turns pipe dreams into patent-pending with v0 Keeping community human while scaling with agents How OpenEvidence built a healthcare AI that physicians actually trust Security boundaries in agentic architectures Skills Night: 69,000+ ways agents are getting smarter Video Generation with AI Gateway We Ralph Wiggumed WebStreams to make them 10x faster How Stably ships AI testing agents in hours, not weeks How we built AEO tracking for coding agents Anyone can build agents, but it takes a platform to run them Introducing Geist Pixel The Vercel AI Accelerator is back with $6m in credits Making agent-friendly pages with content negotiation The Vercel OSS Bug Bounty program is now available Introducing the new v0 Run untrusted code with Vercel Sandbox, now generally available How Stripe built a game-changing app in a single flight with v0 How Sensay went from zero to product in six weeks AGENTS.md outperforms skills in our agent evals Agent skills explained: An FAQ Testing if "bash is all you need" AWS databases are now live on the Vercel Marketplace and v0 Use Perplexity Web Search with Vercel AI Gateway Introducing: React Best Practices Nick Bogaty joins Vercel as Chief Revenue Officer How Mux shipped durable video workflows with their @mux/ai SDK How to build agents with filesystems and bash How we made v0 an effective coding agent Stopping the slow death of internal tools Building AI-Generated Pixel Trading Cards with Vercel AI Gateway We removed 80% of our agent’s tools AI SDK 6 Our $1 million hacker challenge for React2Shell Cline now runs on Vercel AI Gateway How to prompt v0 Build smarter workflows with Notion and v0 Vercel launches partner certification Inside Workflow DevKit: How framework integrations work React2Shell Security Bulletin | Vercel Knowledge Base Billions of requests: Black Friday-Cyber Monday 2025 Investing in the Python ecosystem AWS Databases coming to the Vercel Marketplace How we built the v0 iOS app Workflow Builder: Build your own workflow automation platform Vercel Open Source Program: Fall 2025 cohort Self-driving infrastructure Vercel collaborates with Google for Gemini 3 Pro Preview launch Vercel: The anti-vendor-lock-in cloud How Nous Research used BotID to block automated abuse at scale How AI Gateway runs on Fluid compute What we learned building agents at Vercel Build and deploy data applications on Snowflake with v0 BotID Deep Analysis catches a sophisticated bot network in real-time Vercel achieves TISAX AL2 compliance to serve automotive partners Bun runtime on Vercel Functions David Totten Joins Vercel to Lead Global Field Engineering Vercel Ship AI 2025 recap You can just ship agents AI agents and services on the Vercel Marketplace Built-in durability: Introducing Workflow Development Kit Zero-config backends on Vercel AI Cloud Introducing Vercel Agent: Your new Vercel teammate Update regarding Vercel service disruption on October 20, 2025 Agents at work, a partnership with Salesforce and Slack Running Next.js in ChatGPT: How to Build ChatGPT Apps Talha Tariq joins Vercel as CTO of Security Just another (Black) Friday Server rendering benchmarks: Fluid Compute and Cloudflare Workers Towards the AI Cloud: Our Series F Collaborating with Anthropic on Claude Sonnet 4.5 to power intelligent coding agents Preventing the stampede: Request collapsing in the Vercel CDN BotID uncovers hidden SEO poisoning How we made global routing faster with Bloom filters What you need to know about vibe coding Scale to one: How Fluid solves cold starts Addressing security & quality issues with MCP tools - Vercel AI agents at scale: Rox’s Vercel-powered revenue operating system Agentic Infrastructure Zero Data Retention on AI Gateway Optimizing Vercel Sandbox snapshots How Waldium made a blog platform work for humans and AI alike How FLORA shipped a creative agent on Vercel's AI stack Agent responsibly Making Turborepo 96% faster with agents, sandboxes, and humans Unified reporting for all AI Gateway usage new.website joins forces with v0 SERHANT.'s playbook for rapid AI iteration Two startups at global scale without DevOps Chat SDK brings agents to your users 360 billion tokens, 3 million customers, 6 engineers Meet the 2026 Vercel AI Accelerator Cohort Build knowledge agents without embeddings
Understanding cookies - Vercel – Vercel
Lydia Hallie · 2023-11-01 · via Vercel News

3 min read

Learn how cookies function, how they are used by websites, and the importance of managing them for privacy and security.

Cookies are small pieces of data stored by web browsers on a user's device at the request of web servers. They are sent back unchanged by the browser each time it accesses that server. Cookies allow the server to "remember" specific user information, facilitating functionalities like maintaining user sessions, remembering preferences, and tracking user behavior.

Link to headingHow Do Cookies Work?

Cookies are set by a combination of both the server and browser.

  1. First, when the user visits a website, the server can send a Set-Cookie header in its response. "This instructs the browser to save the cookie on the user's device.

  2. Once a cookie is stored, the browser includes it as the Cookie header for subsequent requests to the same domain or path. This behavior is configurable through attributes such as SameSite, HttpOnly, and Secure.

  3. Cookies have an expiration time set using the Expires or Max-Age attributes. After this time, the cookie is automatically deleted. If neither is set, the cookie is treated as a session cookie and is deleted when the browser is closed.

The Set-Cookie response header consists of a few elements that determine how the browser will treat the cookie. It consists of:

  • Name and Value: The actual data in the cookie. They form a pair like name=value.

  • Domain and Path: Define the scope of the cookie. The cookie will be sent only to requests made to the given domain and path.

  • Expires and Max-Age: Specify when the cookie will expire. Expires sets an exact date and time, while Max-Age sets a duration.

  • Secure: Indicates that the cookie should be sent only over HTTPS.

  • HttpOnly: Ensures client-side scripts cannot access the cookie. By ensuring cookies aren't accessible via JavaScript, you reduce the risk of them being stolen should an attacker manage to inject malicious scripts into your website (XSS).

  • SameSite: This attribute is crucial for cookie security and defines when the cookie should be sent to the server. It can be set to either Strict, Lax or None. This guide discusses the different configurations and their implications.

When working with cookies, it's essential to prioritize security. It’s good practice to:

  1. Use the Secure and HttpOnly attributes wherever applicable to enhance security.

  2. Set the SameSite attribute appropriately can help mitigate CSRF attacks.

  3. Limit Lifespan: Set cookies to expire as soon as they're no longer needed by setting the right max-age or expires values.

  4. Avoid Sensitive Data: Never store sensitive data like passwords or personal identification numbers directly in cookies.

Inspecting and debugging cookies is important in complex applications where security is crucial. Browsers usually provide a streamlined way to do this, such as Google Chrome's Developer Tools.

To access Google Chrome's Developer Tools, press F12 or right-click and select "Inspect," then go to the "Application" tab. In the left-hand sidebar, you will find an expandable "Cookies" section under "Storage," which lists all the domains associated with the cookies stored in your current session.

By clicking on a domain, you can view all the cookies set by that domain in a table format. Each row provides detailed information such as the cookie's name, value, domain, path, expiration date, and security attributes like Secure, HttpOnly, and SameSite.

This interface provides real-time updates, allowing you to monitor cookies as they are created, modified, or deleted while interacting with the web application. This makes it easier to troubleshoot issues such as incorrect cookie settings, session persistence problems, or any unexpected behavior related to cookie-based authentication. You can even manipulate cookie values or attributes directly within the Developer Tools, enabling you to simulate different scenarios and conduct thorough cookie testing and debugging.