What Are Cookies?
First, and contrary to popular belief, cookies are NOT programs. They don’t do anything at all. They are simple ’text files’ which you can read using the Notebook program on your own PC. Typically, they contain two pieces of information: a site name and unique user ID.
Cookies are small files which are stored on a user's computer. They are designed to hold a modest amount of data specific to a particular client and website, and can be accessed either by the web server or the client computer. This allows the server to deliver a page tailored to a particular user, or the page itself can contain some script which is aware of the data in the cookie and so is able to carry information from one visit to the website (or related site) to the next.
Are Cookies Enabled in my Browser?
To check whether your browser is configured to allow cookies, visit the Cookie checker. This page will attempt to create a cookie and report on whether or not it succeeded.
For information on how to enable or disable cookies, see 'Enabling cookies'.
For information on how to delete cookies, see 'Deleting cookies'.
What's in a Cookie?
Each cookie is effectively a small lookup table containing pairs of (key, data) values - for example (firstname, John) (lastname, Smith). Once the cookie has been read by the code on the server or client computer, the data can be retrieved and used to customise the web page appropriately.
When are Cookies Created?
Writing data to a cookie is usually done when a new webpage is loaded - for example after a 'submit' button is pressed the data handling page would be responsible for storing the values in a cookie. If the user has elected to disable cookies then the write operation will fail, and subsequent sites which rely on the cookie will either have to take a default action, or prompt the user to re-enter the information that would have been stored in the cookie.
Why are Cookies Used?
Cookies are a convenient way to carry information from one session on a website to another, or between sessions on related websites, without having to burden a server machine with massive amounts of data storage. Storing the data on the server without using cookies would also be problematic because it would be difficult to retrieve a particular user's information without requiring a login on each visit to the website.
If there is a large amount of information to store, then a cookie can simply be used as a means to identify a given user so that further related information can be looked up on a server-side database. For example the first time a user visits a site they may choose a username which is stored in the cookie, and then provide data such as password, name, address, preferred font size, page layout, etc. - this information would all be stored on the database using the username as a key. Subsequently when the site is revisited the server will read the cookie to find the username, and then retrieve all the user's information from the database without it having to be re-entered.
How Long Does a Cookie Last?
The time of expiry of a cookie can be set when the cookie is created. By default the cookie is destroyed when the current browser window is closed, but it can be made to persist for an arbitrary length of time after that.
Who Can Access Cookies?
When a cookie is created it is possible to control its visibility by setting its 'root domain'. It will then be accessible to any URL belonging to that root. For example the root could be set to "maxed-up.com" and the cookie would then be available to sites in "www.maxed-up.com" or "xyz.maxed-up.com" or "maxed-up.com". This might be used to allow related pages to 'communicate' with each other. It is not possible to set the root domain to 'top level' domains such as '.com' or '.co.uk' since this would allow widespread access to the cookie.
How Secure are Cookies?
There is a lot of concern about privacy and security on the internet. Cookies do not in themselves present a threat to privacy, since they can only be used to store information that the user has volunteered or that the web server already has. Whilst it is possible that this information could be made available to specific third party websites, this is no worse than storing it in a central database. If you are concerned that the information you provide to a webserver will not be treated as confidential then you should question whether you actually need to provide that information at all.
How Can I Delete/Remove Cookies?
Cookies are maintained by your web browser, so the method for deleting them will vary depending on which browser you are using.
Microsoft Internet Explorer 8.0 or 9.0
Select the 'Tools->Internet Options' menu item, and then click the 'Delete...' button under the 'General' tab. Check the 'Cookies' option, check/uncheck other options as required and click 'Delete'.
Note - the 'Tools' option can also be accessed by clicking the 'gear' icon in Internet Explorer's toolbar.
Firefox 7.0
Select the 'Tools->Options' menu item (may be under the Firefox button) and click on the 'Privacy' tab. Click the 'remove individual cookies' link, and you will be shown a list of all cookies stored by Firefox. You can select which cookies to delete and then press 'Remove Cookies', or you can simply click 'Remove All Cookies' to delete them all.
Firefox 3.0
Select the 'Tools->Clear Recent History' menu item. Choose the time range you wish to clear, then check the 'Cookies' option, check/uncheck other options as required and click 'Clear Now'.
Google Chrome 5.0
Choose 'Options' on the 'Cutomsize and control' menu, then open the 'Under the Bonnet' tab. In the 'Privacy' section, click on the 'Clear browsing data...' button then check the 'Delete cookies and other site data' option and check/uncheck other options as required. Choose the time period you wish to clear and click 'Clear browsing data'.
Apple Safari 5.0
Choose 'Preferences...' on the 'Settings' menu, then open the 'Security' tab and click the 'Show Cookies' button. Individual cookies can be deleted by selecting them and clicking 'Remove' or they can all be deleted by clicking 'Remove All'.
Note: If you delete all the cookies on your computer, some websites may require you to re-enter the information which was previously stored in their cookies.
