What is a Cookie?
A cookie is a small piece of data a website stores in your browser to remember information across requests, like login sessions.
A cookie is a small piece of data that a website asks your browser to store. On future requests, the browser sends it back, letting the site "remember" things like whether you're logged in, your preferences, or items in a cart.
How It Works:
- The server sends a Set-Cookie header in its response
- The browser stores the cookie
- On each subsequent request to that site, the browser includes the cookie
- The server reads it to recognize the user or session
Common Uses:
- Sessions: Keep you logged in
- Preferences: Language, theme, layout
- Analytics: Understand usage (with consent)
- Advertising: Track across sites (increasingly restricted)
Important Attributes:
- HttpOnly: Blocks JavaScript access (safer for session cookies)
- Secure: Only sent over HTTPS
- SameSite: Controls cross-site sending (helps prevent CSRF)
- Expires / Max-Age: How long the cookie lasts
FAQ
What's the difference between session and persistent cookies?
Session cookies are deleted when you close the browser. Persistent cookies have an expiry date and survive across sessions until they expire or are cleared.
Are cookies a privacy concern?
They can be, especially third-party tracking cookies. That's why laws require consent and why browsers are phasing out third-party cookies in favor of more private alternatives.