Besides prompting the user for data input through web forms, it is possible to store and retrieve information on the client side through the means of so called cookies, without the interaction of the user. All common browsers support this technology, whereas it is possible that cookies are not accepted due to strict security settings. We distinguish between session-cookies, which are removed from disk as soon as all browser windows are being closed, and permanent cookies. The latter can for example be used to track a client's action over several sessions, or to store user credentials, so that the user does not have to login each time she visits the web application.

### Root/cookies.js ### 
function demoCookie_action() { 
   var cnt =; 
   if (cnt == null) cnt = 0; 
   res.write("Your access counter is at " + cnt); 
   res.setCookie("counter", cnt + 1); 

The code example above will count the number of requests to http://localhost:8080/appname/demoCookie, and won't lose track even if several days/weeks are between each of the requests. Cookies are automatically created on the client-side (if the client accepts cookies, which is generally the case), if it did not exist before. Changing the value of a cookie is simply done by re-setting that cookie. Removing a cookie can be done by setting its value to an empty string.

Since form data as well as cookie data are both available as properties, and can not be distinguished there, it is sometimes necessary to use req.servletRequest.getCookies() in order to make sure that a certain information has actually been submitted as a cookie.