1

While checking for GET parameters through the browser request (Network tab of Developer Tools, navigate to the needed page, use "Copy as cURL"), i am getting the "Cookie" field in the curl GET request while i am not logged-in into the site.

I checked the same behavior for stackoverflow site and get the following information ---

curl 'How to send a header using a HTTP request through a curl call?' -H 'User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:75.0) Gecko/20100101 Firefox/75.0' -H 'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/;q=0.8' -H 'Accept-Language: en-US,en;q=0.5' --compressed -H 'Referer: https://www.google.com/' -H 'DNT: 1' -H 'Connection: keep-alive' -H 'Cookie: prov=bb86d13f-93aa-5521-ab14-01f4e8123850; notice-dmb=4%3B1587648961693' -H 'Upgrade-Insecure-Requests: 1' -H 'Cache-Control: max-age=0' -H 'TE: Trailers'

My doubt is why i am getting "Cookie" field and what is the significance of this field (for not logged in user). Also, whether this cookie field value will change for every user request ?

Gaurav Kansal
  • 281
  • 3
  • 17

1 Answers1

0

You are geeting this because browser will always look at the http request you made and attaches any unexpired cookies it has for that domain

Arjun sharma
  • 521
  • 4
  • 9
  • So, you mean to say that the cookie browser is sending may be expired too ? Can i check the age of the cookie by any means ? – Gaurav Kansal Apr 23 '20 at 18:04