A cookie is simply text information that is stored on the client machine. Poke around in your browser's directory structure and you'll probably find a text file named cookies containing all the cookies your browser has stored.

Each document has its own set of associated cookies, which include names and values, separated by a semicolon and a space. Cookies can also contain a date value to specify when a cookie expires, which will cause the browser to remove the cookie from the machine. A cookie can also specify the path for which it is valid (the default is the document that created the cookie). Finally, a cookie can specify whether it is to be sent only over the SSL (Secure Socket Layer) protocol (the default for this is no).

Most browsers will limit the number and size of cookies that can be stored on a user's machine. Generally, you should keep cookie information below the 4K mark, and most browsers will limit a domain to 20 cookies.