Cookie
A small piece of data the server sends to the browser, which the browser stores and sends back with every subsequent request. Powers sessions, tracking, and preferences.
What is Cookie?
A small piece of data the server sends to the browser, which the browser stores and sends back with every subsequent request. Powers sessions, tracking, and preferences.
Cookie is a foundational concept that sits in the Core Fundamentals area of system design. Engineers reach for it whenever they need to reason about real-world trade-offs in that space — not just for textbook correctness, but because real production systems at companies like Netflix, Amazon, and Google make these decisions every day.
If you want to go deeper than this definition — with diagrams, code, and a quiz to lock it in — work through the "Cookie" lesson linked below. It walks through the why, the mechanism, the trade-offs, and how the giants actually use it in production.
Learn Cookie in depth
Full interactive lesson with diagrams, code examples, real-world references, and a quiz.
Open the Cookie lessonRelated lessons
Lessons that touch on Cookie as part of a larger topic.
Cookie-Based Sessions
Using HTTP cookies to maintain user state across requests, the traditional session model
intermediate · security architecture
Browser Storage
Understanding the different ways browsers persist data on the client side, cookies, localStorage, sessionStorage, and IndexedDB
intermediate · web content delivery
Session Management
How servers remember who you are between requests in a stateless protocol
foundation · core fundamentals
CSRF
Cross-Site Request Forgery, tricking a user's browser into making authenticated requests to a target site
intermediate · security architecture
See also
Related glossary terms you might want to look up next.
Session
A way to maintain state across multiple HTTP requests. The server stores data about a user and gives them a session ID (usually in a cookie).
JWT
JSON Web Token: a compact, self-contained token for transmitting claims between parties. The server can verify it without a database lookup.
Stateful
A system that remembers previous interactions. The server keeps track of client state between requests, making it harder to scale but sometimes necessary.