Cookies are a useful way to create stateful connections using the stateless HTTP protocol. But they are complicated and can open your web application up to some serious security vulnerabilities.

Prerequisites

In this series of articles, we’ll start off by introducing you to:

• Why We Use Cookies
  • Learn why cookies were created
• Cookie Default Behavior
  • Learn how cookies work by default (without any extra attributes)

Cookie attributes

Once you understand the basic behavior of cookies, then we’ll cover all their many attributes and how they affect when/if a cookie is shared.

• Expires & Max-Age
• Domain
• Path
• Secure & HttpOnly
• SameSite