A cookie contains specific information that is encrypted for security purposes. Normally, a cookie is attached with an HTTP header from the HTTP server to a Web browser in response to a user request. This stored cookie is sent to the HTTP server whenever access to a specific website is required.
Cookies are managed in two patterns: with expiry date and without expiry date. Cookies without expiry dates are automatically stored in users’ machines and remain inside the system’s memory until the user’s browsing terminates. Cookies with an expiry date expire when that date is surpassed.
Unfortunately, because of lack of knowledge, most people do not understand what a cookie is, and many believe that cookies are tiny files containing viruses, malware or spyware. These are all are misconceptions.
In 1994, Lou Montulli, a founding engineer at Netscape, became the first person to apply the concept of "magic cookies". These were just simple text files stored on a user’s computer. A Web server would allow the browser to save this text file and resend the file with each request from the user. This file helped the server identify each user.
The following are the types/variations of cookies:
Session Cookies: Created for a specific session, these expire upon the termination of the user’s browser session.
Persistent Cookies: Normally known as tracking cookies, these cookies have a specific time period before they expire.
Secure Cookies: When a user is accessing the server through HTTPS, secure cookies are used to provide maximum security to user data through encryption.
Zombie Cookies: These cookies are automatically recreated after a user has deleted them