Note: Many topics at this site are reduced versions of the text in "The Encyclopedia of Networking and Telecommunications." Search results will not be as extensive as a search of the book's CD-ROM.

A cookie is a small file, stored on a client system by a server that contains data to be used during future sessions with the server. Cookies are primarily used on the Web, although they are useful in any Web-based client/server environment. The information in the cookie is read by the server the next time the client connects with the server. This allows the server to "remember" the client and information about that client. The cookie basically maintains "state" between client and server, either during connections within the same session or for future sessions.

For example, when you fill out a form at a Web site, some of the information may be stored in a cookie on your computer for future use. The next time you visit, the Web server reads the cookie to learn your name and other information about you to be used in the current session.

To understand why cookies were created, you need to understand the concept of state. Originally, the Web was stateless (and still is, except for add-ons like cookies and some new protocols). Stateless means that a connection between two systems is done anonymously, and the server does not keep information about a client or the connection that could be used again. Stateless also means that a connection does not remain open to await further requests. Cookies provide a way to create state in the HTTP protocol. This is described further in RFC 2109 (HTTP State Management Mechanism, February 1997).