Data can be set by the client/server & cookies get transmitted via HTTP call.

write can be done in both client and server but reading of the cookie is something that is conditional on the client side because security is certain.

Type of cookies :

• Session cookie: it expires when the window closes.
• Persistent cookie: it expires for a particular date.

Size limit: 4kb per domain.

Performance: HTTP req/res time can be affected due to cookie size.

Data persistence: expiration date, expires on browser close or meeting expiry date.

Data structure: key: value pair.

Security: httpOnly, configure expiry, same site attribute, domain/path, secure properties, XSS, csrf.

When to use(use case) :

• Authorization,
• Light data > user preferences.