A cookie is a text string that is included with Hypertext Transfer Protocol (HTTP) requests and responses. Cookies are used to maintain state information as you navigate different pages on a Web site or return to the Web site at a later time. This article provides information about cookies.

Cookies are defined in the Request for Comments (RFC) 2965 document, "HTTP State Management Mechanism." You can find RFC documents at the following RFC Editor Web site: Cookies can be created by client-side script in a Hypertext Markup Language (HTML) page (for example, by using a script written in Microsoft Visual Basic Scripting Edition or JScript), by Win32 programs that use the Microsoft Win32 Internet functions (InternetSetCookie and InternetGetCookie), or by server-side script (for example, a script written in Visual Basic Scripting Edition in an Active Server Pages [ASP] page, or a Common Gateway Interface [CGI] script).

Important: Cookies cannot be used to run code (run programs) or to deliver viruses to your computer.

One of the primary purposes of cookies is to provide a convenience feature that you can use to save time. The purpose of a cookie is to tell the Web server that you have returned to a specific Web page. For example, if you personalize Web pages, or register for products or services, a cookie helps the Web page server to recall your specific information. This may be useful to simplify the process of recording your personal information, such as billing addresses, shipping addresses, and so on. When you visit the same Web site, the information you previously provided can be retrieved, so you can easily use the Web site features that you previously chose. For example:

• If you previously entered billing or shipping information for a purchase from a Web site, you may be able to use a password to automatically enter your information on an order form instead of having to enter this information again.
• A cookie can indicate that you previously selected one or more areas of interest you want to see each time you visit a Web site. For example, if you want to view only some types of news, you might select some types of news topics to view on a news-related Web site.

You have the ability to enable or disable cookies, or have Internet Explorer prompt you before accepting cookies in Internet Explorer 4 and later. Note that disabling cookies may prevent some Web services from working correctly, and disabling cookies does not make you anonymous or prevent Web sites from tracking your browsing habits. HTTP requests still include information about where you came from (HTTP Referer), your IP address, browser version, operating system, and other information.

Persistent vs. Session Cookies

Cookies are either stored in memory (session cookies) or placed on your hard disk (persistent cookies). Persistent cookies are written to the Cookies folder under either your user profile folder or the Windir\Cookies folder. The Temporary Internet Files index is updated with pointers to the actual cookies files. For additional information about persistent and session cookies, click the article number below to view the article in the Microsoft Knowledge Base: NOTE: Internet Explorer versions 3.x and 4.x do not distinguish between persistent and session cookies.

First-Party and Third-Party Cookies

First-party cookies are cookies that are associated with the host domain. Third-party cookies are cookies from any other domain. For example, suppose that you visit www.example1.com by typing the URL in the address bar, and sample.example1.com, www.example2.com, and www.example1.net have banner ads on this page. If these sites all set cookies, the cookies from www.example1.com and sample.example1.com are in a first-party context, and the cookies from www.example2.com and www.example1.net are in a third-party context.

NOTE: If you visit www.example1.com over a secure connection by using Secure Hypertext Transfer Protocol (HTTPS), content on the page that is not using HTTPS is considered third-party content. Also note that if you gain access to a site that uses cookies by using a frameset, or portal, on another site, those cookies are considered third-party content.

Cookies are uniquely assigned to your user profile, and can only be read by the host domain that issues the cookie to you.

Important: Because of a known issue in Internet Explorer 4 and Internet Explorer 5, a Web site may be able to retrieve cookies that were set by another host domain. This problem has been corrected in Internet Explorer 5.01 Service Pack 1 and later and in Internet Explorer 5.5 and later. For additional information about this issue, click the article number below to view the article in the Microsoft Knowledge Base: NOTE: Aside from the Internet Explorer 5.5 Advanced Security Privacy Beta (Version 5.50.4308.2900), Internet Explorer 3.x, Internet Explorer 4.x, and Internet Explorer 5, 5.01, and 5.5 do not distinguish between first-party and third-party cookies.

Internet Explorer 6 implements advanced cookie filtering that is based on the Platform for Privacy Preferences (P3P) specification. By default, Internet Explorer 6 blocks third-party cookies that do not have a compact policy (a condensed computer-readable privacy statement) or third-party cookies that have a compact policy which specifies that personally identifiable information is used without your implicit consent. First-party cookies that have a compact policy which specifies that personally identifiable information is used without implicit consent are downgraded (deleted when you close Internet Explorer). First-party cookies that do not have a compact policy are leashed (restricted so that they can only be read in the first-party context).

How to Manage Cookies in Internet Explorer

For information about managing cookies in Internet Explorer, see one of the following sections, as appropriate.

Internet Explorer 6

For additional information about managing cookies in Internet Explorer 6, click the following article number to view the article in the Microsoft Knowledge Base:

Internet Explorer 5, 5.01, and 5.5

For additional information managing cookies in Internet Explorer 5, 5.01, and 5.5, click the article number below to view the article in the Microsoft Knowledge Base:

Internet Explorer 4.x

1. Click View, click Internet Options, and then click the Advanced tab.
2. Scroll down to the yellow exclamation icon under Security, choose the option that you prefer for cookies, and then click OK.

Viewing the Information in a Cookie

To view the information in a cookie, double-click the cookie to open it. For information about how cookies are used on Microsoft's Web site, view the following Microsoft Web site:

Viewing or Deleting Cookies

For additional information about how to view the cookies that you have accepted or how to delete cookies, click the article number below to view the article in the Microsoft Knowledge Base: For additional information about how to determine which folder Windows is installed in, click the article number below to view the article in the Microsoft Knowledge Base: