|This article relies largely or entirely upon a single source. (October 2012)|
A magic cookie, or just cookie for short, is a token or short packet of data passed between communicating programs, where the data is typically not meaningful to the recipient program. The contents are opaque and not usually interpreted until the recipient passes the cookie data back to the sender or perhaps another program at a later time. The cookie is often used like a ticket – to identify a particular event or transaction.
In some cases, recipient programs are able to meaningfully compare two cookies for equality.
Cookie as token
A magic cookie can be analogous to, for example, the token supplied at a coat check (cloakroom) counter in real life. The token has no intrinsic meaning, but its uniqueness allows it to be exchanged for the correct coat when returned to the coat check counter. The coat check token is opaque because the way in which the counter staff are able to find the correct coat when the token is presented is immaterial to the person who wishes their coat returned. In other cases (as is possible with HTTP cookies), the actual data of interest can be stored as name–value pairs directly on the cookie.
Cookies are used as identifying tokens in many computer applications. When one visits a website, the remote server may leave an HTTP cookie on one's computer, where they are often used to authenticate identity upon returning to the website.
Cookies are a component of the most common authentication method used by the X Window System.