[Top] [Prev] [Next] [Bottom]




Controlling cookies


Cookies allow session information between a Web browser and a Web server to be stored by the Web browser. The next time the Web browser connects to that Web server, the saved cookie information allows the session to continue where it left off.

Cookies are managed by the Web browser and cookie limits are not configurable. It is possible for browsers to inadvertently leave doors open by which cookies can be used maliciously. For example, flooding a Web browser with large cookies in an attempt to exhaust all the free disk space.

WEBsweeper can be configured to deal with cookies in the following ways:

Configuration details are found in the [HTTP]section of the http configuration file, HTTP.CFG.

That is:

[HTTP]
Cookies=Ignore
;Cookies=Remove
;Cookies=Block,Blocked because of associated 
cookie

The default WEBsweeper installation is configured to ignore cookies.

The directives required to perform the other options are listed in the configuration section as comments.

You can change the default configuration by:

For example:

In HTTP.CFG:

[HTTP]
;Cookies=Ignore
Cookies=Remove
;Cookies=Block,Blocked because of associated 
cookie

This example will remove cookies and allow the data through.

The WEBsweeper service will have to be restarted for any changes to the [HTTP] section to come into effect.

Blocking cookies

To block cookies the value specified by the Cookies directive in the [HTTP] configuration section should be Block, with a sentence that is used to inform the end user.

The [HTTP]section can be found in the http configuration file HTTP.CFG.

For example:

[HTTP]
;Cookies=Ignore
;Cookies=Remove
Cookies=Block,Blocked because of associated cookie

In this example, the sentence "Blocked because of associated cookie" will be displayed by the Web browser whenever a cookie is blocked. You can change this text if required.

Ignoring cookies

To ignore cookies the value specified by the Cookies directive in the [HTTP] configuration section should be Ignore. This is the default configuration.

The [HTTP]section can be found in the http configuration file HTTP.CFG.

That is:

[HTTP]
Cookies=Ignore
;Cookies=Remove
;Cookies=Block,Blocked because of associated 
cookie

Removing Cookies

To remove cookies the value specified by the Cookies directive in the [HTTP] configuration section should be Remove.

The [HTTP]section can be found in the http configuration file HTTP.CFG.

That is:

[HTTP]
;Cookies=Ignore
Cookies=Remove
;Cookies=Block,Blocked because of associated 
cookie



[Top] [Prev] [Next] [Bottom]



msw.support@mimesweeper.com

Copyright © 1998, Content Technologies Limited. All rights reserved.