Web applications that pass data "out into the wild" by means of a cookie or a URL are subject to manipulation or truncation by proxies.

By means of appending a special cryptographic token, the application can verify that it generated the incoming data, and that it has been unmodified in transit.