Cookie Usage

Packet Clearing House uses cookies where necessary to ensure the convenient and secure operation of our website, but for no other purpose. Those cookies are not readable by third parties and contain no personal information. Our cookies:

• use the domain “pch.net” so that other servers will not know of its existence and may not read it,
• are written to the browser over HTTPS to maintain their privacy while in transit,
• have the “secure” flag set so that the browser will also use HTTPS when returning the cookie to our server,
• have the flag set so the cookie cannot be read using client-side JavaScript, to protect against Cross Site Scripting (XSS) attacks, “HttpOnly”
• hold only a unique alphanumeric string. We never put data into cookies..

Our site uses three cookies.

A session cookie is employed only if and while a user is in the process of signing up for a new user account. This cookie is expired by the user's browser when the browser window is closed. (Full name: PHPSESSID)

A login cookie allows a user who has created an account on our site and has logged in to identify themselves to us while they’re logged in. This cookie expires 24 hours after a logged-in user’s last activity. (Full name: PCHSession-www)

A nonce cookie protects users from Cross-Site Request Forgery (CSRF) attacks if and while they fill out forms on our site. The user receives a cookie containing only a unique alphanumeric string (the “nonce”), which their browser returns when they submit the form. Users receive nonce cookies only if they load a page which contains a form, and these cookies expire after five minutes. (Full name varies, but will be like: pch_nonce3f10636e6057f9c6f9a019)