July 15, 2024

Difference Between Cookies and Session

The web server does not know about its users. Because HTTP is stateless. It does not mean its states. That’s why we need to maintain the state of web site either on client side or server side. The session is a server side state management system and Cookies is a client site side state management system. This article describes a comparison between cookies a session.

What is Cookies?
A Cookie (browser cookie or Internet cookie) is a small amount of data created by the Web browser for further uses. It is a mechanism/method that allows the server to store its own information on the client computer. Web browser writes the information’s in a text file and store on the hard disk of client’s computer. The locations of cookies depend on the web browser. Different web browser uses different locations. Internet Explorer creates a separate file for each cookie and store in Windows subdirectory. Opera stores all cookies in a single file (cookies.dat). Netscape stores every cookie in a single file (cookies. txt). We can view the cookies from its location.

A cookie can keep information from the user’s browser until it is deleted. If users don’t want to give the username and password in his every login period, he can easily store his credential in cookies. We can store almost anything in our browser cookie. A user can block or delete cookies at any time.

There are two types of cookies. One is Session cookies and another one is persistent cookies. Session cookies has not expiration date and stored in memory not on the hard disk. It is lost When the browser is closed. Persistent cookies have an expiration date and stored in the hard disk. It is lost when its date is expired.

What is Sessions?
Session is a server side object to manage the state of a web site or web application. All the information is stored in a variable (called a session variable) and save in the server. For each new user every time the server creates a new session and its stay live until the session expires. The session is very light weight and reduce network traffic. If we close our web browser we will lose our session.

Cookies VS Session
The functionality of cookies and session is same. Both are used to store HTTP states. But their mechanism is different. The main differences between session and cookies are given bellow:

  1. It is stored in client side.
  2. It is only a store string type data.
  3. It is unsecured.
  4. We can disable it.
  5. Cookies are client side.


  1. It is stored in server side.
  2. It can store any types data.
  3. It is secured.
  4. We can’t disable it.
  5. Sessions are server side.

Before using we should have a clear concept about sessions and cookies. We must know when to use session and when to use cookies. Unless our site may fall in serious performance and security issues.

Rashedul Alam

I am a software engineer/architect, technology enthusiast, technology coach, blogger, travel photographer. I like to share my knowledge and technical stuff with others.

View all posts by Rashedul Alam →

One thought on “Difference Between Cookies and Session

Leave a Reply

Your email address will not be published. Required fields are marked *