Monday, November 24, 2014

So, about those cookies...

Today I am finally going to talk about cookies. Yes, the tagline of the blogs does read "Software, and frogs, and cookies" but if you've been reading it for a while you've probably noticed a distinct lack of cookies. I actually did talk about cookies in my review of the iPhone game Cookie Dozer back in 2010, but that's been the only time. Four years! And I've never before shared any information about the kind of cookies you can actually eat. Keep reading.

If you've ever read my comic you'll know that it's mostly bad technology puns. That has never been more evident than today, where we find the frogs handing out chocolate chip cookies to track potential customers instead of using the web browser key/value storage mechanism.

You might have not given it much thought before, but just how does Facebook know to put up an ad for some item I was just looking at on Amazon? The answer is because both sites use third-party cookies to track your web activity. It works something like this...
You view a product page on Amazon. Somewhere on that page is an invisible element, often an image, served by a third-party website. Let's say it comes from example.com, for example. Since it gave you some content, it can also set a cookie that only example.com can read. It will generate some unique identifier for your activity and store that in a cookie on your browser. On the server site, they put the cookie id in a database along with information about the page you were on when you got the cookie.
The next day you visit Facebook to share some cute picture of your cat. Facebook also serves you an element from example.com, in this case probably an ad banner. But since example.com can read any other cookies set by example.com, they pull the id out of the cookie you got when you visited Amazon the day before. They quickly look up in their database what page you were on when you got the cookie and then respond with an ad banner for that specific product.
You say to yourself, "Oh, yeah. I wanted to buy that yesterday but I forgot." Then you click on the ad and buy the item. 
Some people get really bent out of shape about this practice. Yes, it's true that if enough sites on the Internet serve you content from example.com, they could build up quite a lot of data about you and your browsing habits. For the most part, they just want to use it to more precisely target advertising at you. There is always the potential, however, that this data could be used for something more nefarious. Fortunately, most modern browsers make it easy enough for you to block third-party cookies (meaning when you go to Amazon.com, you can only get cookies from Amazon.com - not from example.com) and you're fairly safe.

Over the years, the use of cookies in this way has given them a bad name. Really, there's nothing wrong with a site like amphibian.com setting a cookie in your browser when you are actually on amphibian.com. Websites legitimately do this to overcome the stateless nature of web applications.

To make you feel better about cookies, today's comic will set a harmless cookie in your browser. It can only be read by the comic website, and it doesn't contain any information about you. But it does contain a recipe for chocolate chip cookies!

If you want to see it, open up your browser's developer console and type the following command:
$.cookie('frog-tracking-cookie');
Just hit enter, and you should see the cookie recipe. I kept it short, but you should be able to understand it.

If you've gone as far as entering that command, you may also be interested to learn why it works. I use the jquery.cookie plugin for reading and writing cookies from the comic. On some future date, the comic will attempt to read back the cookie it sets today...you'll just have to wait and see what happens!

Amphibian.com comic for 24 November 2014