How to Identify the Cookies Your Site Installs in Browsers
To properly inform users about cookies that your site installs in their browsers, you must learn to identify them. This is not an easy task, so we have created a brief guide to help you with it.
The identification of cookies installed on your website may end up being a result from the combined use of different tools, the main and most commonly used are Wappalyzer and BuiltWith, both are available as add-ons to all the most widely used browsers and allow a thorough analysis of all the resources and technologies implemented within a website. They do not only disclose cookies installed on a site, but also list all the technologies used on that site, such as server infrastructure, the CMS used and other specific information.
Another known tool is Ghostery: it is also available as an extension for the most popular web browsers, but it is not recommended for use for the identification of cookies because its operation is not based on a real-time scan of the website. It could also indicate some scripts that are not directly installed from the site but from some of its widgets, thus distorting the results of your analysis.
The development console, when used in conjunction with the other methods indicated, can be a very reliable and immediate tool for identifying cookies installed on a website. Below is an explanation of how to display cookies using the development console of two of the most popular and most used internet browsers, Google Chrome and Mozilla Firefox.
Note: when you analyze a site’s cookies through the development console, first remember to clear cache and cookies, otherwise the results may not be accurate.
If you use Google Chrome, this is how to proceed:
Clear cache and cookies (menu button in the upper right corner > More tools > Clear browsing data)
Once the console is open, you can view the cookies installed by the site by clicking on the Application tab
If you prefer to use Mozilla’s Firefox, here are the steps to follow:
Clear cache and cookies (menu button in the upper right corner > Options > Clear data under “Privacy and security/Cookies and Site Data”)
To open the console, click on the toolbar: Tools > Web Development > Enable Tools
Once the console is opened, you will need to click on the Storage tab, then on the Cookie drop-down menu to view the list of cookies installed by the site up to that moment
Phantom JS (a method for developers)
PhantomJS is a “headless browser”, i. e. a tool that allows you to perform actions that normally require the use of a browser, without rendering the browser itself on screen. This is a WebKit-based OpenSource cross-platform tool available for Mac, Windows and Linux.
Using PhantomJS to locate cookies
PhantomJS must be used within the terminal. Among its functions, there is also that of identifying cookies installed by a specific site. First of all, you must download the package available at this link and install the resource.
After following the installation procedure, the “phantomjs” command will now be available. To continue, we need a shell (on UNIX systems) or command prompt (for Windows) where we will enter this line:
--ignore-ssl-errors=yes: this option avoids errors related to the SSL certificate being considered;
--disk-cache= true: the process will save the resources on the disk;
fetch-data.js: this is the file that processes the request to the site and displays it on the shell downloadable at this link. Important: this file must be in the same folder from where you launched the command, otherwise you will have to indicate ~/path/of/fetch/data;
http://yoursite.com: the website you want to analyze.
Once this command has been run, the terminal will return a list of the resources and cookies used by the relative site.