Cookies

What is a Cookie?
Cookies are small files which are stored on a user’s computer. They are designed to hold a modest amount of data specific to a particular client and website, and can be accessed either by the web server or the client computer. This allows the server to deliver a page tailored to a particular user, or the page itself can contain some script which is aware of the data in the cookie and so is able to carry information from one visit to the website (or related site) to the next. What’s in a Cookie?

What’s in a Cookie?
Each cookie is effectively a small lookup table containing pairs of (key, data) values – for example (firstname, John) (lastname, Smith). Once the cookie has been read by the code on the server or client computer, the data can be retrieved and used to customise the web page appropriately.

When are Cookies Created?
Writing data to a cookie is usually done when a new webpage is loaded – for example after a ‘submit’ button is pressed the data handling page would be responsible for storing the values in a cookie. If the user has elected to disable cookies then the write operation will fail, and subsequent sites which rely on the cookie will either have to take a default action, or prompt the user to re-enter the information that would have been stored in the cookie.

Why are Cookies Used?
Cookies are a convenient way to carry information from one session on a website to another, or between sessions on related websites, without having to burden a server machine with massive amounts of data storage. Storing the data on the server without using cookies would also be problematic because it would be difficult to retrieve a particular user’s information without requiring a login on each visit to the website.

If there is a large amount of information to store, then a cookie can simply be used as a means to identify a given user so that further related information can be looked up on a server-side database. For example the first time a user visits a site they may choose a username which is stored in the cookie, and then provide data such as password, name, address, preferred font size, page layout, etc. – this information would all be stored on the database using the username as a key. Subsequently when the site is revisited the server will read the cookie to find the username, and then retrieve all the user’s information from the database without it having to be re-entered.

What are Tracking Cookies?
Some commercial websites include embedded advertising material which is served from a third-party site, and it is possible for such adverts to store a cookie for that third-party site, containing information fed to it from the containing site – such information might include the name of the site, particular products being viewed, pages visited, etc. When the user later visits another site containing a similar embedded advert from the same third-party site, the advertiser will be able to read the cookie and use it to determine some information about the user’s browsing history. This enables publishers to serve adverts targetted at a user’s interests, so in theory having a greater chance of being relevant to the user. However, many people see such ‘tracking cookies’ as an invasion of privacy since they allow an advertiser to build up profiles of users without their consent or knowledge.