All about HTTP cookies

What is HTTP cookie?

When a server communicates with client’s computer then for identification sever needs  some sort of unique token from client side to identify specific client server and here comes the role of cookies. SO what are cookies. According to MDN

An HTTP cookie (web cookie, browser cookie) is a small piece of data that a server sends to the user’s web browser. The browser may store it and send it back with the next request to the same server. Typically, it’s used to tell if two requests came from the same browser — keeping a user logged-in, for example. It remembers stateful information for the stateless HTTP protocol.

So the server send the specific data to client end and then client browser use this data in further requests to provide it’s unique idenity to server. In this way when a browser requests a web page from a server, cookies correspoding to the website  is added to the http request and server returns the unique data for the request.

Application of Cookies

  1. Session management : Login details/session,
  2. Personalization: User preferences, themes, and other settings
  3. Tracking: User behaviour on site

Secure Cookies (HTTPOnly cookies )

These cookies are sent win an encrypted form over network and these cookies can’t be read / modify by client side JS. For this type of cookies user can’t access using them by document.cookie() API and for theese cookies HTTPOnly flag is set to true.

Check cookie in gogole chrome inspect tool:


  1. Go to google devloper console (ctrl+shift+I)> Application
  2. In left panel Storage> cookies click on site you want to check the cookies
  3. You can check the mutiple cookies for the site in the right panel
  4. There are some cookies for which the http column is set as true , these are HttpOnly cookies.

How to set cookies and get cookies using JS

cookies are stored as name value pair


Create a cookie

document.cookie = "userToken=hzbfzjhfzjdfh6576579090910jhjsdhj65; expires=Thu, 17 June 2018 12:00:00 UTC";

Read a cookie

var myPageCookie = document.cookie;

P.S. For further lnformation please refer MDN