Before we start, let me give you a brief description of Session and Cookie.
Session and Cookie are Session Objects.
A Session object creates automatically on user request which stores information about user session.
While you are working with any application on your computer, you just open it, do some sort of work and then you close it.
This sounds much like a Session.
The computer is much smart enough, it knows who you are. They have an idea when you open the application and when you shut it down.
However, on the web of internet there is one major problem:
The web server has no idea who you are and what you do, because the HTTP address dosen’t maintain state.
So, the Session object is used to store information and change settings for a particular user.
Now, let’s talk about Cookies.
A Cookie is often used to identify a user.
Cookie can be said as a small file which got embed by the server in user computer. On each single request, the same computer request to the browser, sends a cookie too.
In the above diagram, you can clearly see, a web client sends HTTP request to web server. Server responses back to client by sending cookies with response.
Now, again when client sends a request to server, the browser will send the cookie too.
You might have seen while surfing the internet, that many websites contain cookies and they ask you to accept or block it.
Accepting cookies is not harmful to any personal data or for the session you are on a website. It either stores information for a particular user, or when user returns back it can start from the same session where user left.
Session vs Cookie – Difference between Session and Cookie
|They are stored on server side.
|They are stored as a text file in browser.
|Session can store any value or object.
|Cookie can only store string values.
|Sessions get destroyed as browser is closed.
|Cookies are not destroyed when the browser is closed.
|They are more secure.
|They are less secure.
|Stores unlimited data.
|Limit to store data.
|Session is a group of information that is associated with the cookie information.
|Cookies are used to identify sessions.
Session Objects stores variables that are created for each new user. Now, these variables store some commonly used information of a user like id, name, etc.
The web server always creates a new session object for every new user, and further destroys the session object when the session gets expires.
Comment down below if you have any queries related to the difference between session and cookie.