Published at: Feb 21, 2022
Any cookie on your computer can only be read by the website that created that cookie. Web browsers are very strict about enforcing this. Cookies are extremely important to security and privacy, and it would be a disaster if one website was able to read cookies from another website, so a lot of care is taken by browser developers to ensure that cookies can only be read by the site that created them.
One of the many uses of Cookies is to "prove" that you are logged into a website - when you successfully log in the website gives your web browser a little token in the form of a cookie - this shows that you are logged in. Anyone who has a copy of your token/cookie for that site can use the website logged in as your user account.
So, if a site other than the one who the cookie/token is intended for was able to access/read that cookie off your computer when you visited their website, they could then easily steal your authorization cookie and impersonate you on the site you logged into.
Obviously that is an enormous security problem, so web browsers are very careful to make sure that a website can only read it's own cookies, and that cookies from one site can't be read by another site.
What is JavaScript and what does it do?
Turn on/activate JavaScript.
What happens if you don't have JavaScript?
What are some of the concerns with JavaScript and security?
Does my browser already have JavaScript or do I have to install it?
Does JavaScript go out of date?
What is the percentage of websites that use JavaScript?
What are the reasons someone would disable JavaScript in their browser?
What restrictions are there that keep me safe?