A1:
|
A server can access only a cookie set from its own domain. Although a cookie can be stored on the user's hard drive, there is no other access to the user's file system. You can, however, set a cookie in response to a request for an image. So, if many sites include images served from a third-party ad server or counter script, the third party might be able to track a user across multiple domains.
|
A2:
|
Unfortunately, it isn't that simple. At best, cookies are a transparent way of saving state. Some users, however, set their browsers to warn them every time a cookie is set. These users are likely to find a site that saves state information frequently somewhat frustrating.
|