{"id":2254,"date":"2025-10-15T23:17:12","date_gmt":"2025-10-15T16:17:12","guid":{"rendered":"https:\/\/kienthucmo.com\/?p=2254"},"modified":"2026-03-24T16:31:19","modified_gmt":"2026-03-24T09:31:19","slug":"tim-hieu-cookie-va-quyen-rieng-tu-tren-web","status":"publish","type":"post","link":"https:\/\/kienthucmo.com\/vi\/tim-hieu-cookie-va-quyen-rieng-tu-tren-web\/","title":{"rendered":"T\u00ecm hi\u1ec3u Cookie trong web hi\u1ec7n \u0111\u1ea1i: Vai tr\u00f2, thay \u0111\u1ed5i v\u00e0 xu h\u01b0\u1edbng b\u1ea3o m\u1eadt m\u1edbi"},"content":{"rendered":"\n

Trong th\u1ebf gi\u1edbi web hi\u1ec7n \u0111\u1ea1i, g\u1ea7n nh\u01b0 m\u1ecdi \u1ee9ng d\u1ee5ng \u0111\u1ec1u c\u1ea7n duy tr\u00ec tr\u1ea1ng th\u00e1i gi\u1eefa c\u00e1c l\u1ea7n t\u01b0\u01a1ng t\u00e1c c\u1ee7a ng\u01b0\u1eddi d\u00f9ng \u2014 t\u1eeb vi\u1ec7c ghi nh\u1edb phi\u00ean \u0111\u0103ng nh\u1eadp, gi\u1ecf h\u00e0ng, \u0111\u1ebfn c\u00e1 nh\u00e2n ho\u00e1 tr\u1ea3i nghi\u1ec7m. Tuy nhi\u00ean, giao th\u1ee9c HTTP v\u1ed1n l\u00e0 stateless<\/em> (kh\u00f4ng l\u01b0u tr\u1ea1ng th\u00e1i), ngh\u0129a l\u00e0 m\u1ed7i y\u00eau c\u1ea7u (request) g\u1eedi \u0111\u1ebfn server \u0111\u1ec1u \u0111\u1ed9c l\u1eadp v\u00e0 kh\u00f4ng \u201cnh\u1edb\u201d th\u00f4ng tin t\u1eeb l\u1ea7n tr\u01b0\u1edbc. Ch\u00ednh v\u00ec th\u1ebf, cookie ra \u0111\u1eddi nh\u01b0 m\u1ed9t c\u01a1 ch\u1ebf gi\u00fap duy tr\u00ec tr\u1ea1ng th\u00e1i cho ng\u01b0\u1eddi d\u00f9ng tr\u00ean web.<\/p>\n\n\n\n

Cookie l\u00e0 m\u1ed9t t\u1ec7p d\u1eef li\u1ec7u nh\u1ecf m\u00e0 tr\u00ecnh duy\u1ec7t l\u01b0u tr\u1eef t\u1ea1m th\u1eddi ho\u1eb7c l\u00e2u d\u00e0i, nh\u1eb1m gi\u00fap server v\u00e0 client trao \u0111\u1ed5i th\u00f4ng tin hi\u1ec7u qu\u1ea3 h\u01a1n. N\u00f3 \u0111\u00f3ng vai tr\u00f2 quan tr\u1ecdng trong vi\u1ec7c nh\u1eadn di\u1ec7n ng\u01b0\u1eddi d\u00f9ng, qu\u1ea3n l\u00fd phi\u00ean, l\u01b0u tu\u1ef3 ch\u1ecdn c\u00e1 nh\u00e2n, v\u00e0 ph\u1ee5c v\u1ee5 ph\u00e2n t\u00edch h\u00e0nh vi truy c\u1eadp. D\u00f9 c\u00f3 k\u00edch th\u01b0\u1edbc nh\u1ecf, cookie l\u1ea1i \u1ea3nh h\u01b0\u1edfng s\u00e2u r\u1ed9ng \u0111\u1ebfn c\u1ea3 hi\u1ec7u n\u0103ng, b\u1ea3o m\u1eadt, v\u00e0 quy\u1ec1n ri\u00eang t\u01b0 c\u1ee7a ng\u01b0\u1eddi d\u00f9ng.<\/p>\n\n\n\n

Trong b\u00e0i vi\u1ebft n\u00e0y, m\u00ecnh c\u00f9ng b\u1ea1n t\u00ecm hi\u1ec3u to\u00e0n di\u1ec7n v\u1ec1 cookie \u2014 t\u1eeb kh\u00e1i ni\u1ec7m, c\u1ea5u tr\u00fac, c\u01a1 ch\u1ebf ho\u1ea1t \u0111\u1ed9ng, c\u00e1c lo\u1ea1i cookie th\u01b0\u1eddng g\u1eb7p, \u0111\u1ebfn nh\u1eefng r\u1ee7i ro b\u1ea3o m\u1eadt v\u00e0 xu h\u01b0\u1edbng thay \u0111\u1ed5i trong b\u1ed1i c\u1ea3nh hi\u1ec7n nay. M\u1ee5c ti\u00eau l\u00e0 gi\u00fap ch\u00fang ta hi\u1ec3u r\u00f5 c\u00e1ch cookie th\u1ef1c s\u1ef1 v\u1eadn h\u00e0nh v\u00e0 c\u00e1ch \u00e1p d\u1ee5ng \u0111\u00fang trong c\u00e1c d\u1ef1 \u00e1n web, v\u1eeba hi\u1ec7u qu\u1ea3 v\u1eeba an to\u00e0n.<\/p>\n\n\n\n

\"T\u00ecm<\/figure>\n\n\n\n

1. Cookie l\u00e0 g\u00ec?<\/h2>\n\n\n\n

Cookie (hay c\u00f2n g\u1ecdi l\u00e0 HTTP cookie, web cookie, ho\u1eb7c browser cookie) l\u00e0 m\u1ed9t \u0111o\u1ea1n d\u1eef li\u1ec7u nh\u1ecf m\u00e0 server g\u1eedi \u0111\u1ebfn tr\u00ecnh duy\u1ec7t khi ng\u01b0\u1eddi d\u00f9ng truy c\u1eadp website. Sau khi nh\u1eadn, tr\u00ecnh duy\u1ec7t c\u00f3 th\u1ec3 l\u01b0u tr\u1eef th\u00f4ng tin n\u00e0y t\u1ea1m th\u1eddi ho\u1eb7c l\u00e2u d\u00e0i, r\u1ed3i t\u1ef1 \u0111\u1ed9ng g\u1eedi ng\u01b0\u1ee3c l\u1ea1i cho server trong nh\u1eefng l\u1ea7n truy c\u1eadp ti\u1ebfp theo.<\/p>\n\n\n\n

C\u01a1 ch\u1ebf n\u00e0y ra \u0111\u1eddi nh\u1eb1m kh\u1eafc ph\u1ee5c \u0111i\u1ec3m h\u1ea1n ch\u1ebf l\u1edbn nh\u1ea5t c\u1ee7a giao th\u1ee9c HTTP \u2014 \u0111\u00f3 l\u00e0 t\u00ednh ch\u1ea5t stateless<\/em>, t\u1ee9c m\u1ed7i y\u00eau c\u1ea7u (request) \u0111\u01b0\u1ee3c x\u1eed l\u00fd \u0111\u1ed9c l\u1eadp v\u00e0 kh\u00f4ng ghi nh\u1edb tr\u1ea1ng th\u00e1i gi\u1eefa c\u00e1c l\u1ea7n truy c\u1eadp. Nh\u1edd cookie, website c\u00f3 th\u1ec3 \u201cghi nh\u1edb\u201d ng\u01b0\u1eddi d\u00f9ng l\u00e0 ai, h\u1ecd \u0111\u00e3 \u0111\u0103ng nh\u1eadp ch\u01b0a, \u0111ang ch\u1ecdn ng\u00f4n ng\u1eef n\u00e0o, ho\u1eb7c c\u00f3 m\u00f3n h\u00e0ng n\u00e0o trong gi\u1ecf.<\/p>\n\n\n\n

V\u1ec1 l\u1ecbch s\u1eed, cookie \u0111\u01b0\u1ee3c gi\u1edbi thi\u1ec7u v\u00e0o gi\u1eefa th\u1eadp ni\u00ean 1990 b\u1edfi Netscape Communications, v\u1edbi m\u1ee5c ti\u00eau ban \u0111\u1ea7u l\u00e0 l\u01b0u th\u00f4ng tin phi\u00ean l\u00e0m vi\u1ec7c c\u1ee7a ng\u01b0\u1eddi d\u00f9ng. Qua th\u1eddi gian, cookie nhanh ch\u00f3ng tr\u1edf th\u00e0nh m\u1ed9t th\u00e0nh ph\u1ea7n n\u1ec1n t\u1ea3ng c\u1ee7a web, \u0111\u00f3ng vai tr\u00f2 quan tr\u1ecdng trong x\u00e1c th\u1ef1c ng\u01b0\u1eddi d\u00f9ng, l\u01b0u t\u00f9y ch\u1ecdn giao di\u1ec7n, c\u00e1 nh\u00e2n h\u00f3a tr\u1ea3i nghi\u1ec7m, v\u00e0 h\u1ed7 tr\u1ee3 ph\u00e2n t\u00edch h\u00e0nh vi truy c\u1eadp ph\u1ee5c v\u1ee5 t\u1ed1i \u01b0u hi\u1ec7u su\u1ea5t c\u0169ng nh\u01b0 qu\u1ea3ng c\u00e1o.<\/p>\n\n\n\n

N\u00f3i ng\u1eafn g\u1ecdn, cookie l\u00e0 \u201ctr\u00ed nh\u1edb t\u1ea1m\u201d c\u1ee7a web \u2013 gi\u00fap c\u00e1c trang web tr\u1edf n\u00ean th\u00f4ng minh v\u00e0 li\u1ec1n m\u1ea1ch h\u01a1n khi t\u01b0\u01a1ng t\u00e1c v\u1edbi ng\u01b0\u1eddi d\u00f9ng.<\/p>\n\n\n\n

\"Cookie
Cookies la gi<\/figcaption><\/figure>\n\n\n\n

2. C\u1ea5u tr\u00fac c\u1ee7a m\u1ed9t cookie<\/h2>\n\n\n\n

M\u1ed9t cookie th\u1ef1c ch\u1ea5t l\u00e0 m\u1ed9t \u0111o\u1ea1n d\u1eef li\u1ec7u nh\u1ecf \u0111\u01b0\u1ee3c tr\u00ecnh duy\u1ec7t l\u01b0u tr\u1eef, bao g\u1ed3m c\u1eb7p name=value v\u00e0 m\u1ed9t s\u1ed1 thu\u1ed9c t\u00ednh gi\u00fap x\u00e1c \u0111\u1ecbnh ph\u1ea1m vi, th\u1eddi h\u1ea1n, c\u0169ng nh\u01b0 c\u00e1ch th\u1ee9c ho\u1ea1t \u0111\u1ed9ng c\u1ee7a cookie. D\u01b0\u1edbi \u0111\u00e2y l\u00e0 c\u00e1c th\u00e0nh ph\u1ea7n c\u01a1 b\u1ea3n:<\/p>\n\n\n\n

    \n
  • Name \u2013 Value:<\/strong> L\u00e0 c\u1eb7p kh\u00f3a \u2013 gi\u00e1 tr\u1ecb ch\u00ednh, v\u00ed d\u1ee5 sessionId=abc123<\/code>. \u0110\u00e2y l\u00e0 n\u1ed9i dung c\u1ed1t l\u00f5i gi\u00fap server nh\u1eadn di\u1ec7n ng\u01b0\u1eddi d\u00f9ng ho\u1eb7c l\u01b0u tr\u1eef th\u00f4ng tin t\u1ea1m th\u1eddi.<\/li>\n\n\n\n
  • Domain:<\/strong> Ch\u1ec9 \u0111\u1ecbnh t\u00ean mi\u1ec1n m\u00e0 cookie \u00e1p d\u1ee5ng. V\u00ed d\u1ee5 .example.com<\/code> ngh\u0129a l\u00e0 cookie c\u00f3 th\u1ec3 \u0111\u01b0\u1ee3c truy c\u1eadp t\u1eeb t\u1ea5t c\u1ea3 c\u00e1c subdomain c\u1ee7a trang n\u00e0y.<\/li>\n\n\n\n
  • Path:<\/strong> Quy \u0111\u1ecbnh \u0111\u01b0\u1eddng d\u1eabn trong website m\u00e0 cookie c\u00f3 hi\u1ec7u l\u1ef1c. V\u00ed d\u1ee5 \/shop<\/code> th\u00ec cookie ch\u1ec9 \u0111\u01b0\u1ee3c g\u1eedi k\u00e8m khi truy c\u1eadp c\u00e1c trang trong th\u01b0 m\u1ee5c \/shop<\/code>.<\/li>\n\n\n\n
  • Expires \/ Max-Age:<\/strong> X\u00e1c \u0111\u1ecbnh th\u1eddi gian t\u1ed3n t\u1ea1i c\u1ee7a cookie. N\u1ebfu kh\u00f4ng \u0111\u01b0\u1ee3c \u0111\u1eb7t, cookie s\u1ebd t\u1ef1 \u0111\u1ed9ng x\u00f3a khi \u0111\u00f3ng tr\u00ecnh duy\u1ec7t (g\u1ecdi l\u00e0 session cookie<\/em>).<\/li>\n\n\n\n
  • Secure:<\/strong> Khi b\u1eadt, cookie ch\u1ec9 \u0111\u01b0\u1ee3c g\u1eedi qua giao th\u1ee9c HTTPS, gi\u00fap b\u1ea3o m\u1eadt th\u00f4ng tin tr\u00e1nh b\u1ecb l\u1ed9 tr\u00ean k\u1ebft n\u1ed1i kh\u00f4ng m\u00e3 h\u00f3a.<\/li>\n\n\n\n
  • HttpOnly:<\/strong> Gi\u1edbi h\u1ea1n truy c\u1eadp cookie t\u1eeb JavaScript, ng\u0103n ng\u1eeba t\u1ea5n c\u00f4ng Cross-Site Scripting (XSS) \u2014 m\u1ed9t k\u1ef9 thu\u1eadt th\u01b0\u1eddng d\u00f9ng \u0111\u1ec3 \u0111\u00e1nh c\u1eafp d\u1eef li\u1ec7u ng\u01b0\u1eddi d\u00f9ng.<\/li>\n\n\n\n
  • SameSite:<\/strong> X\u00e1c \u0111\u1ecbnh c\u00e1ch cookie \u0111\u01b0\u1ee3c g\u1eedi trong c\u00e1c y\u00eau c\u1ea7u t\u1eeb trang kh\u00e1c (cross-site). C\u00f3 ba ch\u1ebf \u0111\u1ed9:\n
      \n
    • Strict:<\/strong> ch\u1ec9 g\u1eedi cookie khi truy c\u1eadp c\u00f9ng m\u1ed9t site.<\/li>\n\n\n\n
    • Lax:<\/strong> g\u1eedi cookie trong m\u1ed9t s\u1ed1 tr\u01b0\u1eddng h\u1ee3p an to\u00e0n (v\u00ed d\u1ee5 click t\u1eeb link ngo\u00e0i).<\/li>\n\n\n\n
    • None:<\/strong> cho ph\u00e9p g\u1eedi cookie trong m\u1ecdi tr\u01b0\u1eddng h\u1ee3p, nh\u01b0ng ph\u1ea3i \u0111i k\u00e8m<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n\n\n\n

      C\u00e1c thu\u1ed9c t\u00ednh n\u00e0y gi\u00fap nh\u00e0 ph\u00e1t tri\u1ec3n ki\u1ec3m so\u00e1t ph\u1ea1m vi, t\u00ednh b\u1ea3o m\u1eadt v\u00e0 th\u1eddi h\u1ea1n c\u1ee7a cookie m\u1ed9t c\u00e1ch linh ho\u1ea1t, ph\u00f9 h\u1ee3p v\u1edbi t\u1eebng nhu c\u1ea7u c\u1ee5 th\u1ec3 c\u1ee7a \u1ee9ng d\u1ee5ng web.<\/p>\n\n\n\n

      \"C\u1ea5u<\/figure>\n\n\n\n

      3. Ph\u00e2n lo\u1ea1i cookie<\/h2>\n\n\n\n

      Vi\u1ec7c hi\u1ec3u r\u00f5 c\u00e1c lo\u1ea1i cookie gi\u00fap ta l\u1ef1a ch\u1ecdn \u0111\u00fang m\u1ee5c \u0111\u00edch s\u1eed d\u1ee5ng v\u00e0 nh\u1eadn di\u1ec7n \u0111\u01b0\u1ee3c c\u00e1c r\u1ee7i ro ti\u1ec1m \u1ea9n v\u1ec1 b\u1ea3o m\u1eadt c\u0169ng nh\u01b0 quy\u1ec1n ri\u00eang t\u01b0. D\u01b0\u1edbi \u0111\u00e2y l\u00e0 b\u1ed1n lo\u1ea1i cookie ph\u1ed5 bi\u1ebfn nh\u1ea5t:<\/p>\n\n\n\n

        \n
      • Session Cookie (Cookie phi\u00ean):<\/strong>
        \u0110\u00e2y l\u00e0 lo\u1ea1i cookie ch\u1ec9 t\u1ed3n t\u1ea1i trong su\u1ed1t th\u1eddi gian ng\u01b0\u1eddi d\u00f9ng m\u1edf tr\u00ecnh duy\u1ec7t. Khi tr\u00ecnh duy\u1ec7t \u0111\u01b0\u1ee3c \u0111\u00f3ng l\u1ea1i, cookie s\u1ebd t\u1ef1 \u0111\u1ed9ng b\u1ecb x\u00f3a. Ch\u00fang th\u01b0\u1eddng \u0111\u01b0\u1ee3c d\u00f9ng \u0111\u1ec3 l\u01b0u session ID, gi\u00fap server nh\u1eadn di\u1ec7n ng\u01b0\u1eddi d\u00f9ng trong m\u1ed9t phi\u00ean l\u00e0m vi\u1ec7c \u2014 ch\u1eb3ng h\u1ea1n khi b\u1ea1n \u0111\u0103ng nh\u1eadp v\u00e0o t\u00e0i kho\u1ea3n, th\u00eam s\u1ea3n ph\u1ea9m v\u00e0o gi\u1ecf h\u00e0ng, ho\u1eb7c \u0111i\u1ec1n form nhi\u1ec1u b\u01b0\u1edbc.<\/li>\n\n\n\n
      • Persistent Cookie (Cookie l\u01b0u l\u00e2u):<\/strong>
        Kh\u00f4ng gi\u1ed1ng session cookie, persistent cookie c\u00f3 th\u1eddi h\u1ea1n x\u00e1c \u0111\u1ecbnh th\u00f4ng qua thu\u1ed9c t\u00ednh Expires ho\u1eb7c Max-Age. Ch\u00fang v\u1eabn t\u1ed3n t\u1ea1i ngay c\u1ea3 sau khi ng\u01b0\u1eddi d\u00f9ng \u0111\u00f3ng tr\u00ecnh duy\u1ec7t, cho \u0111\u1ebfn khi h\u1ebft h\u1ea1n ho\u1eb7c b\u1ecb x\u00f3a th\u1ee7 c\u00f4ng. Lo\u1ea1i cookie n\u00e0y th\u01b0\u1eddng d\u00f9ng cho c\u00e1c t\u00ednh n\u0103ng nh\u01b0 \u201cRemember Me\u201d, l\u01b0u ng\u00f4n ng\u1eef, theme, ho\u1eb7c c\u00e0i \u0111\u1eb7t c\u00e1 nh\u00e2n \u0111\u1ec3 ng\u01b0\u1eddi d\u00f9ng c\u00f3 tr\u1ea3i nghi\u1ec7m li\u1ec1n m\u1ea1ch h\u01a1n \u1edf l\u1ea7n truy c\u1eadp sau.<\/li>\n\n\n\n
      • First-party Cookie (Cookie b\u00ean th\u1ee9 nh\u1ea5t):<\/strong>
        \u0110\u01b0\u1ee3c t\u1ea1o b\u1edfi ch\u00ednh website m\u00e0 ng\u01b0\u1eddi d\u00f9ng \u0111ang truy c\u1eadp (c\u00f9ng domain). \u0110\u00e2y l\u00e0 lo\u1ea1i cookie \u201cth\u00e2n thi\u1ec7n\u201d nh\u1ea5t v\u00ec ph\u1ee5c v\u1ee5 tr\u1ef1c ti\u1ebfp cho ho\u1ea1t \u0111\u1ed9ng c\u1ee7a trang \u2014 v\u00ed d\u1ee5: ghi nh\u1edb ch\u1ebf \u0111\u1ed9 s\u00e1ng\/t\u1ed1i ho\u1eb7c ng\u00f4n ng\u1eef hi\u1ec3n th\u1ecb.<\/li>\n\n\n\n
      • Third-party Cookie (Cookie b\u00ean th\u1ee9 ba):<\/strong>
        \u0110\u01b0\u1ee3c t\u1ea1o ra b\u1edfi m\u1ed9t domain kh\u00e1c v\u1edbi trang m\u00e0 ng\u01b0\u1eddi d\u00f9ng \u0111ang truy c\u1eadp, th\u01b0\u1eddng xu\u1ea5t hi\u1ec7n trong iframe<\/strong>, qu\u1ea3ng c\u00e1o<\/strong>, ho\u1eb7c c\u00e1c c\u00f4ng c\u1ee5 ph\u00e2n t\u00edch b\u00ean ngo\u00e0i. M\u1ee5c \u0111\u00edch ch\u00ednh l\u00e0 theo d\u00f5i h\u00e0nh vi ng\u01b0\u1eddi d\u00f9ng tr\u00ean nhi\u1ec1u website kh\u00e1c nhau \u0111\u1ec3 ph\u1ee5c v\u1ee5 qu\u1ea3ng c\u00e1o c\u00e1 nh\u00e2n h\u00f3a. Tuy nhi\u00ean, v\u00ec li\u00ean quan \u0111\u1ebfn quy\u1ec1n ri\u00eang t\u01b0, lo\u1ea1i cookie n\u00e0y hi\u1ec7n \u0111ang b\u1ecb nhi\u1ec1u tr\u00ecnh duy\u1ec7t h\u1ea1n ch\u1ebf ho\u1eb7c ch\u1eb7n ho\u00e0n to\u00e0n.<\/li>\n<\/ul>\n\n\n\n

        T\u00f3m l\u1ea1i, m\u1ed7i lo\u1ea1i cookie mang m\u1ed9t vai tr\u00f2 kh\u00e1c nhau \u2014 t\u1eeb duy tr\u00ec phi\u00ean l\u00e0m vi\u1ec7c, l\u01b0u t\u00f9y ch\u1ecdn ng\u01b0\u1eddi d\u00f9ng \u0111\u1ebfn ph\u1ee5c v\u1ee5 qu\u1ea3ng c\u00e1o \u2014 v\u00e0 nh\u00e0 ph\u00e1t tri\u1ec3n c\u1ea7n c\u00e2n nh\u1eafc k\u1ef9 l\u01b0\u1ee1ng gi\u1eefa ti\u1ec7n \u00edch v\u00e0 t\u00e1c \u0111\u1ed9ng \u0111\u1ebfn b\u1ea3o m\u1eadt, quy\u1ec1n ri\u00eang t\u01b0 tr\u01b0\u1edbc khi s\u1eed d\u1ee5ng.<\/p>\n\n\n\n

        \"Ph\u00e2n<\/figure>\n\n\n\n

        4. C\u00e1ch ho\u1ea1t \u0111\u1ed9ng c\u1ee7a cookie (lu\u1ed3ng c\u01a1 b\u1ea3n)<\/h2>\n\n\n\n

        \u0110\u1ec3 hi\u1ec3u vai tr\u00f2 th\u1eadt s\u1ef1 c\u1ee7a cookie trong vi\u1ec7c duy tr\u00ec tr\u1ea1ng th\u00e1i, ta c\u1ea7n nh\u00ecn v\u00e0o c\u00e1ch m\u00e0 ch\u00fang \u0111\u01b0\u1ee3c t\u1ea1o ra, l\u01b0u tr\u1eef, v\u00e0 g\u1eedi qua l\u1ea1i gi\u1eefa client (tr\u00ecnh duy\u1ec7t) v\u00e0 server. To\u00e0n b\u1ed9 qu\u00e1 tr\u00ecnh n\u00e0y \u0111\u01b0\u1ee3c quy \u0111\u1ecbnh trong RFC 6265 \u2013 t\u00e0i li\u1ec7u chu\u1ea9n v\u1ec1 HTTP Cookie.<\/p>\n\n\n\n

        Quy tr\u00ecnh c\u01a1 b\u1ea3n di\u1ec5n ra nh\u01b0 sau:<\/p>\n\n\n\n

          \n
        1. Client \u2192 Server (Y\u00eau c\u1ea7u ban \u0111\u1ea7u):<\/strong>
          Khi ng\u01b0\u1eddi d\u00f9ng truy c\u1eadp m\u1ed9t website l\u1ea7n \u0111\u1ea7u ti\u00ean, tr\u00ecnh duy\u1ec7t g\u1eedi m\u1ed9t HTTP request \u0111\u1ebfn server. \u1ede th\u1eddi \u0111i\u1ec3m n\u00e0y, tr\u00ecnh duy\u1ec7t ch\u01b0a c\u00f3 b\u1ea5t k\u1ef3 cookie n\u00e0o li\u00ean quan \u0111\u1ebfn domain \u0111\u00f3, n\u00ean request \u0111\u01b0\u1ee3c g\u1eedi \u0111i \u201cs\u1ea1ch\u201d.<\/li>\n\n\n\n
        2. Server \u2192 Client (T\u1ea1o v\u00e0 g\u1eedi cookie):<\/strong>
          Server nh\u1eadn \u0111\u01b0\u1ee3c y\u00eau c\u1ea7u, x\u1eed l\u00fd v\u00e0 ph\u1ea3n h\u1ed3i b\u1eb1ng HTTP response. Trong ph\u1ea7n header c\u1ee7a response, server c\u00f3 th\u1ec3 th\u00eam d\u00f2ng:<\/li>\n<\/ol>\n\n\n\n
          <\/circle><\/circle><\/circle><\/g><\/svg><\/span>