Introduction to first party cookies

Tue, 10/21/2008

It seems that many people who work in online advertising don’t fully understand how cookies work, so I thought I’d do a post on it since cookies are such an integral part of online advertising.

Hopefully the chart below will help you follow along.

When thinking about cookies, it’s best to think of all the communication as occuring between the browser and the web server. In the depiction above, the browser is the program on a computer that the user uses to surf the web. The web server is a separate machine, which hosts web pages.

When a user enters in a website address, the browser makes a request to the web server that is hosting that website address. When making a request, the browser sends a bunch of information, such as its IP address, the type of browser as well as the requesting domain name and path. The web server will then typically respond by sending the browser some html code, which defines what the user will see in her browser, and maybe a cookie.

In essence, all a cookie is is some text, which the browser saves as a text file. It often consists of a random text string generated by the web server along with an expiration date. If the browser makes another request to the web server (such as requesting another page), the cookie will get sent back to the web server. This happens only when the requested page is on the same domain (or subdomain) as the original request, so if you have a cookie from google.com stored in your browser, that cookie will get sent only when a URL residing on google.com is requested. The web server can then see that the cookie sent with the second request contains the same text string as the response to the original request that the web server sent and will know that the two requests were made by the same browser.
The common applications of first party cookies are site login systems (the user/browser logs in to a site and then on subsequent requests, the web server knows that the requests are coming from the browser that first logged in) and some web analytics programs, which allow for tracking a single browser across a site.

Next up, I’ll discuss third party cookies.