DEV Community

Dev. Zubby Okere
Dev. Zubby Okere

Posted on

WHAT ARE COOKIES AND SHOULD YOU ACCEPT THEM?

Introduction

We all have visited different websites and the first thing we’re welcomed with are cookies! For some people, this is annoying as it’s not exactly what they came to the site to look for. People just want to surf a website and go their way. But what if I told you that cookies can be good for you and you should probably take them, you’d ask me why, right?

Well, this article is going to teach you everything you need to know about cookies, why you keep getting them, what they do for you and why they won't stop coming.

You don’t need to have any in-depth technical knowledge about websites, web development, HTTP requests and programming to follow this article. Everything is going to be broken down in an easy to understand way.

What are cookies

Well, cookies are just pieces of code or text files sent and received from a web server to a web browser. That sounds simple, right? They are shared between your browser, (Chrome, Firefox, Safari, etc.) and a server. This text file or code, when stored on your browser or computer gets pieces of information about your preferences on a website, login credentials, language selection, browsing pattern or behavior and much more. Google describes it as “small pieces of text sent to your browser by a website you visit.” They help that website remember information about you when you visit. Now, imagine you logged in to a website and after logging in, you try to purchase some items, then you click on add to cart, instead of adding to cart, you’re then taken to the login page, again, for you to login. Crazy, right? That’s going to make your web experience horrible! Or take for instance, you’re filling a form, a very long and important one, then you get on a call, thereby exiting the browser and when you’re done, you can’t find any information you entered in the form again, how would that make you feel? You’d feel really bad and exhausted. Cookies are files placed by a website on your browser to get crucial information about your activity on that website and help remember your choices. This communication happens between your browser and the website you visit. So, when you get on a call while filling that form, you return back and continue from where you stopped. It could be your language preference, say English, when you leave the site and return weeks later, you don’t have to select your language preference again because you accepted cookies. The website recognizes it’s YOU, your computer, technically, using a special ID which will be talked about much later in this article. To summarize this session, cookies can be seen as a tag given to you for an event. An access tag. You get into the event with your tag, but then go outside to talk to some people and then return. The only way they’d recognize you as someone that’s supposed to be in that event is by using your tag. If you lose your tag, they won’t remember anything about you anymore. Cookies are tags that are exchanged between websites and browsers.

Types of cookies

Now, there are different types of cookies and they all have different functions that they perform, but they are sent to track and get information about your activities on a website. There are so many types of cookies, but this article will cover only four of them that are the most relevant, including:

First party cookies: First party cookies are cookies sent or set by a website you’ve directly visited. Let’s say you visit stackoverflow, the website will set a cookie which will be saved on your browser. This cookie could be used to get the number of views, sessions, selections, settings and other data that need to be tracked by that website. It could be your preferences, links you clicked on and other details which could be sold to advertisers for targeted ads. That’s why when you visit a site like YouTube and watch some videos, you begin to get recommendations that are based on your choices when you visited YouTube. The same thing applies to your search engine, when you type in keywords to search for anything, that search engine remembers those keywords for a long time, that’s the work of cookies.

Third party cookies: These cookies are set to your browser by a different website other than the one you’re currently visiting. Take for instance the websites you see advertising on a website you visited, they could set cookies to get information about your browsing pattern, what you purchase, links you click and so much more. These could be used for research purposes, for marketing and tracking, helping them make more targeted and relevant ads and increasing the chances of conversion. Though there have been privacy concerns about third party cookies and also increased scrutiny on them.

Session cookies: Session cookies are more like temporal cookies. These cookies are set by a website just to track user activities on that website, sessions, authentication details, etc. they’re mostly used by e-commerce sites. Take for instance, you visit an e-commerce site, while navigating the site, adding items to cart, cookies are used to remember what you’ve added to cart and also to remember that you’re still logged in. You wouldn’t have to re-add items to cart again because you lost them while browsing other items while on that e-commerce site. This cookie “remembers” that you are still authenticated and continues to give you access to protected routes on a website and this session ends when you logout or close tab. This cookie has a very short lifespan and expires within a short period of inactivity or when you close the tab the website is on. They’re only used for navigating a website or session management.

Persistent cookies: A persistent or permanent cookie is one whose expiration date has been set to a much later date. It doesn’t expire when you close your tab or browser. However it can be deleted from your browser, manually. This type of cookie can also be updated, for instance when you visit a website, the website stores your settings and preferences. When you visit some other time and make new selections, the website updates them to its memory because you already accepted cookies earlier on and it recognizes your browser, using a unique ID, when you return. Whenever you visit a website and signup and then you visit at a later time, the website doesn’t ask you to signup again, instead, it fills your details and all you have to do is login. That’s how persistent cookies work. Publishers use persistent cookies to track user activities for a long time, detect patterns and also make some analysis.

Secure cookies: According to the MDN Web Docs, “A cookie with the Secure attribute is only sent to the server with an encrypted request over the HTTPS protocol.” What that means is that, it’s not going to be sent with unsecured HTTP. These types of cookies have an extra layer of security to protect sensitive data from being exposed and also man-in-the-middle attacks. Whenever a web server sets a cookie when sending a response to a browser, with the “secure” attribute, the browser will only include that cookie in subsequent request if that connection is secure (HTTPS) and if it isn’t (HTTP), the cookie will not be sent, just to preserve sensitive information.

Uses of cookies

By now, you probably already have an idea of what cookies are used for since we have already talked about what they are and their types. Cookies are an essential part of the web as we have it today. When a request is sent from a browser to a server, it’s done through a stateless HTTP protocol, which means that every request is treated as independent and isolated and the server doesn’t retain any information about past clients. So, cookies were introduced to enable websites remember visitors or IDs from a particular browser, irrespective of the number of times that website is visited. Who has this benefited the most, you or big corporations? Well, you’ll know when you read about the uses of cookies below:

Advertising and targeting: This certainly benefits organizations more because they want your precious data, your web interactions, your preferences and literally every activity that happens when you visit websites. They analyze these data and tailor ads that are relevant to you. This is surely a big win for them because if you were clicking on links related to sneakers, you’d begin to magically see ads related to sneakers when surfing the internet.

Session management: Now, this is one good use of cookies that benefits everyone, especially in terms of user experience and efficiency when browsing the internet. When you login to a website, for example, a session ID is generated for you by the website’s server. A session cookie is then set to your browser using the session ID. This is used to identify you, when you login and to give you continuous access to protected areas and also, preferences, when still logged in. This is what is referred to as a session. Just like the analogy of the event attendant was used, you don’t want to leave for a while and then return to start afresh. Another useful example is when you’re filing out a form and input wrong details, when the browser refreshes, it keeps the other pieces of information you entered and displays the appropriate error messages. This is what session cookies do. Once you’re done or close that tab, the session ends.

Performance and optimization: This is also beneficial to everybody because when cookies store some data on the user’s browser, it reduces the amount of data that needs to be sent when a request is made from the browser to the server, this data includes; session IDs, user preferences and even authentication tokens. That way, there’s faster page load and response rate and lower data payloads and overall performance.

Cookies and the law

There are serious privacy concerns about users being presented with cookies when they visit websites. A lot of users don’t know what cookies mean, hence this tutorial, but how does the law protect you from big corporations that want your data all the time, especially the once that use it for sinister motives? Are users data really safe on the internet or are they being given away or sold to organizations that want your data at all cost, just for their own benefit (to your own detriment)? Even though they differ by region, here’s what the law says about cookies below:

General Data Protection Regulation (GDPR) in the European Union: This is an EU law that mandates how organizations are supposed to use personal data. It stipulates that personal data has to be used in a friendly way and that users must consent to it. This law largely applies to the European Union member states and it defines personal data as “any information which, directly or indirectly, could identify a living person. Name, phone number, and address are schoolbook examples of personal data. Interests, information about past purchases, health, and online behaviour is also considered personal data as it could identify a person.” The law also states that users should have full control over their choices and preferences. To learn more about it, click here

California Consumer Privacy Act (CCPA) in the United States: This law obviously applies to California customers and it stipulates that customers reserve the right to know about the personal data businesses collect from them and how they are going to use this data. Businesses are expected to disclose the uses of cookies and also give users the option of opting out when they like. To learn more about that, click here.
In conclusion, every country has a law protecting consumers and their interests, just like the European Union and California. It’s very necessary to know what the law says in your own country and how it benefits or protects you, just to keep yourself safe on the internet.

Should you accept cookies
Well, cookies are meant to be taken or rejected, so I’d say yes and no! If you’re visiting a website and don’t trust that website, you can refuse all cookies. But then, again, it all depends on your privacy concerns, the functionality you want on the website and security concerns, also. If none of these things bother you, you can accept all cookies.
It’s also worthy to note that websites offer options based on the cookies they want you to accept. There are “necessary cookies” which are in most cases the default. There’s also the “all cookies” option, this will give the website full access to everything that it wants about you, track your activities on the website and also analyze your preferences. However, some websites offer you the opportunity to customize cookie preferences, this offers you more options on what you want.

Conclusion
Cookies allow us have the best experience when we visit websites. It’s part of the advancement of the internet and have become an intricate part of the web. While they help in navigating websites efficiently and smoothly by remembering our data, managing sessions when we login, providing analytics and data, there are also privacy concerns and that’s why it’s necessary to be educated on what cookies are and how they relate to you. People should choose their own preferences based on what aligns with them while surfing the internet.
To learn more about. Ponies, click here.

Top comments (0)