It originates when visiting a website, the web server sets a cookie in the browser of the client. It will be associated with that webpage and will be stored in request headers. Looks like this: Set-Cookie: cookieName=cookieValue; expires=Fri, 31 Dec 2023 23:59:59 GMT; path=/; SameSite=Lax
Cookies have expiry date or maximum age. If not specified, they are deleted at the end of the session. GDPR recommends reasonable expiry dates and requires consent for non-essential cookies. The selection of refusing cookies is a cookie itself. max-age=3600, it means the cookie will be valid for one hour.
When revisiting the website, the cookies are put in the headers of the HTTP requests. Web server can interpret the cookie to return personalised information.
Essential cookies are related to session states, and user authentication. They are needed for the website to function correctly.
Non-essential cookies are related to data collection and advertising.
There are wordpress plugins that handle them automatically, that’s why there is not much about them online.
