Suddenly, with the recent EU Directive on Privacy/Website Cookies it has become important to understand what cookies your website creates and when. If you need to analyse website cookies, see what functions create/access them and when, this post explains how.
To view and monitor website cookies as they are created and written I recommend you a FireFox browser with an add-on called HttpFox. This is available for FireFox 4 and let’s you see what cookies are being set when you visit a website, as well as to view and edit those already set.
HttpFox Cookie Monitoring Quick-start:
- Start FireFox 4
- Tools > Add-ons (Ctrl+Shift+A)
- Search for and install HttpFox and restart FireFox
- Open the HttpFox panel using Tools > HttpFox > Toggle HttpFox (Shift+F2)
- In HttpFox click “Start” to begin monitoring HTTP requests
- Type in your website URL – you’ll see a lot of request/response activity in the upper pane
- Click the “Cookies” tab (this will be blank until step 9.)
- Prepare for a shock!
- Click on different http requests (each is one line in the upper HttpFox pane) to see cookie activity related to the request
You can now see what parts of each page set or read cookies, and painstakingly go through your website identifying what functions are using cookies and what they are being used for. In theory, there are certain cookies that will be exempt from the directive (if they are essential to the function being accessed) but you need to consider this carefully and get legal advice on a case by case basis if you rely on this. In practice, cookie use is so widespread its better to forget exemptions and deal with each case by ensuring you have the relevant permissions from each user before writing such cookies. How this will be done is yet to be determined.
Other Useful Tools
I expect there will be additional tools created to help with this so check back, or let me know if you find something handy.
HttpFox is useful for more than this of course, it will help you debug and streamline your website too (look out for requests highlighted in red for example, any “404” responses?)
EU Privacy/Cookies Directive Compliance Service
I can help you be prepared, for example with a review of your website cookie use, risk assessment, review implications and remedial actions, as well as making changes to your website. Some of the ways I can help you are described in: EU Cookie Law Services