Learning Objectives
  • Explain what a cookie is and how websites and browsers use cookies.
  • Distinguish session cookies from persistent cookies.
  • Explain how cookies support personal details, preferences, shopping carts and login details.
  • Evaluate cookie use in practical scenarios while remaining within syllabus scope.
Key Terms
Cookie
Small data stored by a browser for a website and returned when relevant communication occurs.
Session cookie
A temporary cookie used for the current browsing session.
Persistent cookie
A cookie stored beyond the current session until its expiry or deletion.
Session
A period of interaction between a user and a website.
Preference
A user choice, such as language or display setting, that can be remembered.
Shopping cart
A temporary record of items selected for possible purchase.
Login details
Information used to identify or authenticate a user; a site may store a related login preference or session identifier in a cookie.
Personalisation
Adapting a website experience using stored information about the user or session.
Summary diagram
Summary Of The Main Ideas In This Lesson
What A Cookie Is

A cookie is a small item of data associated with a website and stored by the web browser. When the browser later communicates with the relevant website, it can send the applicable cookie data. This allows the server to recognise information about the session or returning browser.

A cookie is not a program that independently runs like an application. It is stored data. The meaning of that data is determined by the website that created it.

Cookies help overcome the fact that separate web requests do not automatically provide a complete memory of earlier interaction. A cookie can carry an identifier or selected information so that the website can connect one request with an existing session or preference.

Session Cookies

A session cookie is intended for the current browsing session. It is useful for information that only needs to remain available while the user is actively using the site.

An online shopping cart is a common example. As the user moves from one page to another, the website must continue to associate selected items with that user session. A session cookie can help maintain this association.

Session cookies are normally removed when the session ends, such as when the browser is closed, although exact behaviour can depend on the browser and session handling. The syllabus distinction is that they are temporary compared with persistent cookies.

Persistent Cookies

A persistent cookie remains stored beyond the current session, normally until an expiry time is reached or the cookie is deleted. It can allow a website to recognise a returning browser.

Persistent cookies can store or refer to user preferences, such as a chosen language. They can also support remembered login settings or saved personal details where the user has agreed to that behaviour.

Because persistent cookies remain for longer, they can provide convenience but also create privacy concerns. Browser privacy settings can control or remove stored cookies.

Required Uses Of Cookies

The syllabus identifies several uses. Cookies can help save personal details, track user preferences, hold items in an online shopping cart and store login details. In a careful technical explanation, note that a cookie may store an identifier linked to information held by the server rather than storing every item of information directly.

Tracking preferences means remembering choices that change the user experience. Holding a cart means maintaining continuity between page requests. Storing login details may mean remembering a user identity or maintaining an authenticated session; it should not be assumed that a plain-text password is safely stored in a cookie.

Security And Privacy Considerations

Cookies can make websites easier to use, but a user should understand that they can also be used to recognise a returning browser and observe preferences. Privacy settings allow the user to restrict, inspect or delete cookies.

A cookie does not by itself prove that the person using a device is the original user. On a shared computer, a persistent login-related cookie can allow another person to access an account if the session has not been properly protected. Logging out and using suitable privacy settings reduce this risk.

Session And Persistent Cookies Compared
Feature Session Cookie Persistent Cookie
Lifetime Temporary for the current session Remains beyond the session until expiry or deletion
Typical use Maintaining a current cart or active session Remembering preferences or recognising a returning browser
Convenience Keeps related page requests connected Avoids re-entering selected settings on later visits
Privacy consideration Usually shorter-lived Can track or remember information over a longer period
Worked Examples
Choosing A Cookie Type

Question: A website needs to remember a learner’s selected language when the learner returns next week. Which type of cookie is most suitable?

  1. Identify that the information must remain after the current browser session.
  2. Compare the lifetime of session and persistent cookies.

Answer: A persistent cookie is suitable because it remains stored beyond the current session and can remember the language preference.

Maintaining A Shopping Cart

Question: Explain how a cookie can help maintain an online shopping cart while a user moves between pages.

  1. The website creates a session or cart identifier.
  2. The browser stores the cookie.
  3. The browser returns the identifier with later requests.
  4. The server uses it to retrieve the correct cart for that session.

Answer: The cookie lets the website connect separate page requests to the same cart or user session.

Examination Guidance
  • Define the cookie before describing its use.
  • When comparing types, make the lifetime difference explicit.
  • Link a persistent cookie to a later visit and a session cookie to the current session.
  • Avoid claiming that cookies are always harmful or always secure.
Common Mistakes
  • Describing a cookie as executable malware.
  • Saying every cookie disappears immediately after a page is changed.
  • Claiming that a persistent cookie is permanent and can never be deleted.
  • Assuming a cookie must contain the user’s password in readable form.
Knowledge Check

1. What is a cookie?

Answer: Small data stored by a browser for a website and returned when relevant communication occurs.

2. How does a session cookie differ from a persistent cookie?

Answer: A session cookie is temporary for the current session; a persistent cookie remains beyond the session until expiry or deletion.

3. Give two syllabus uses of cookies.

Answer: Any two of saving personal details, tracking preferences, holding shopping-cart items and storing login details.

4. Which cookie type is suitable for remembering a preference on a later visit?

Answer: A persistent cookie.

5. Why can persistent cookies create a privacy concern?

Answer: They can recognise or track a returning browser over a longer period.