Cookies are defined in the Request for Comments (RFC) 2965 document, “HTTP State Management Mechanism.” You can find RFC documents at the following RFC Editor Web site:
Cookies can be created by client-side script in a Hypertext Markup Language (HTML) page (for example, by using a script written in Microsoft Visual Basic Scripting Edition or JScript), by Win32 programs that use the Microsoft Win32 Internet functions (InternetSetCookie and InternetGetCookie), or by server-side script (for example, a script written in Visual Basic Scripting Edition in an Active Server Pages [ASP] page, or a Common Gateway Interface [CGI] script).
Important: Cookies cannot be used to run code (run programs) or to deliver viruses to your computer.
The purpose of a cookie is to tell the Web server that you have returned to a specific Web page. For example, if you personalize Web pages, or register for products or services, a cookie helps the Web page server to recall your specific information. This may be useful to simplify the process of recording your personal information, such as billing addresses, shipping addresses, and so on. When you visit the same Web site, the information you previously provided can be retrieved, so you can easily use the Web site features that you previously chose.
You have the ability to enable or disable cookies, or have Internet Explorer prompt you before accepting cookies. Note that disabling cookies may prevent some Web services from working correctly, and disabling cookies does not make you anonymous or prevent Web sites from tracking your browsing habits. HTTP requests still include information about where you came from (HTTP Referer), your IP address, browser version, operating system, and other information.