Because HTTP is stateless, web applications need a way to recognize the same user across requests. In this capture the server sends a Set-Cookie header containing SESSIONID, and the browser returns it in a Cookie header. The browser automatically resends that cookie with every request to the same domain, allowing the server to link each request to the corresponding session data it stores. Browser caching does not convey per-user identity, JSON Web Tokens would appear in an Authorization header, and TLS encryption only protects the channel; it does not provide state management.
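The exchange described above, as an added example that is not part of the original page: a minimal server-side session store that issues SESSIONID in Set-Cookie, links a returning Cookie header to stored state, and refuses to adopt an id it never issued. The names `SESSIONS`, `handle`, `browser_cookie`, the `X-Session-Hits` header and the host `app.example` are assumptions made for the illustration.

```python
import secrets
from http.cookies import SimpleCookie

SESSIONS = {}  # server-side store: session id -> per-user state

def handle(raw_request: str) -> str:
    """Process one raw HTTP request and return the response head."""
    head = raw_request.split("\r\n\r\n", 1)[0]
    headers = {}
    for line in head.split("\r\n")[1:]:          # skip the request line
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()

    cookie = SimpleCookie(headers.get("cookie", ""))
    sid = cookie["SESSIONID"].value if "SESSIONID" in cookie else None

    response = ["HTTP/1.1 200 OK"]
    if sid not in SESSIONS:
        # No cookie, or an id this server never issued: start a fresh
        # session with an unguessable id instead of trusting the client.
        sid = secrets.token_urlsafe(32)
        SESSIONS[sid] = {"hits": 0}
        response.append(
            f"Set-Cookie: SESSIONID={sid}; Path=/; HttpOnly; Secure; SameSite=Lax"
        )
    SESSIONS[sid]["hits"] += 1
    # Hypothetical header, only here to make the linked state visible.
    response.append(f"X-Session-Hits: {SESSIONS[sid]['hits']}")
    return "\r\n".join(response) + "\r\n\r\n"

def browser_cookie(response: str) -> str:
    """Return the Cookie header value a browser would send back."""
    for line in response.split("\r\n"):
        if line.lower().startswith("set-cookie:"):
            jar = SimpleCookie(line.split(":", 1)[1].strip())
            return f"SESSIONID={jar['SESSIONID'].value}"
    return ""

def demo():
    """Run a constructed three-request capture through the handler."""
    first = handle("GET / HTTP/1.1\r\nHost: app.example\r\n\r\n")
    cookie = browser_cookie(first)
    second = handle(
        f"GET /cart HTTP/1.1\r\nHost: app.example\r\nCookie: {cookie}\r\n\r\n"
    )
    forged = handle(
        "GET /cart HTTP/1.1\r\nHost: app.example\r\nCookie: SESSIONID=guessed\r\n\r\n"
    )
    return first, second, forged
```

The second request carries no new Set-Cookie and sees the hit counter advance, while the request with an unissued id is given a fresh session rather than being attached to existing state.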