A schematic of cookie interaction
- Browser sends a request to the server. Since the user has never
visited that site before, there are no cookies, so none are sent.
- The server notices that there are no cookies, so it assumes that
this a new visitor, and it generates a new ID for the user and
includes that ID as a cookie in the reply. The reply might even be
tailored for new visitors.
- The browser later (minutes or months later) makes another request
at that site and sends back the cookie it got in step 2.
- The server gets the request with the cookie, realizes this is a
returning visitor, and can generate a customized reply.