From Clever Cloud
My motivation : "To push the technology far enough to find new ways to improve user's experiences."
HTTP cookies are everyhere. Not a single day without having to approve a cookie banner consent. Not so much projects without them and yet, we often don’t really get how they work.
We mix-up the rules they have to follow in the browsers. We’re confusing them with server side sessions. Those holes, in the giant skillset any modern developer should have, sometimes have non negligible impacts on the security of our apps and on our privacy as simple users of the Web.
In this session, we’ll have a (re)discovery of HTTP cookies through examples and live-coding. We’ll go back to the very basics: their origins and their behaviour inside our browsers and servers and how they’re used by many frameworks. We’ll end by talking about more recent news around cookies (SameSite, cookie prefix) and how they’re used by modern Web APIs like fetch(). This talk will also be a good opportunity to talk about security, tracking and privacy in general.