The HTTP Cookie — How Websites Remember Who You Are
Lou Montulli's 1998 Netscape patent describes the browser cookie — the mechanism that lets websites store small pieces of data on your computer so they can remember your login, shopping cart, and preferences across page loads.
Original patent title: “Persistent client state in a hypertext transfer protocol based client-server system”
What this patent covers
The actual claim
This patent describes a system for maintaining 'persistent client state' in the otherwise stateless HTTP protocol. HTTP was designed as a simple request-response protocol — each page load is independent, with no memory of previous requests. Cookies solve this by having the server send a small piece of data (the cookie) with its response, which the browser stores locally. On every subsequent request to the same server, the browser automatically includes the cookie in its request headers. The server reads the cookie and uses it to identify the user or recall their preferences. Cookies can be session-based (disappearing when you close the browser) or persistent (stored on disk with an expiration date).
What this patent does NOT cover
The boundaries
- localStorage and sessionStorage — newer browser APIs for client-side storage that don't automatically send data to servers
- Server-side sessions (where the cookie only holds a session ID and all data lives on the server) — the patent covers the client-side storage mechanism, not specific implementations
- Third-party tracking cookies — the use of cookies by advertisers to track users across sites was not the invention's intent
- Secure/HttpOnly cookie flags — these security attributes came later and are not part of this patent
These exclusions are unique to PatentBrief — derived from the actual claim language, not patent-office boilerplate.
What made this novel
Montulli invented cookies in 1994 while working at Netscape, specifically to solve a problem for an early e-commerce site (MCI): how to implement a shopping cart without requiring users to log in. The web's stateless design meant every page load forgot everything about the previous one — you'd have to re-add your items to the cart on every click. Montulli's solution was to store a unique session identifier in a small text file on the user's computer. The name 'cookie' comes from Unix 'magic cookies' — tokens passed between programs to maintain state. The shopping cart use case seems obvious in retrospect, but at the time it required inventing an entirely new mechanism for how browsers and servers communicate.
Schematic visualization of the patent's claim structure. Hand-drawn diagrams in progress for each landmark patent.
Where you've seen this
Real-world examples
Amazon's shopping cart persists across sessions because your cart contents are stored server-side and linked to a cookie ID — when you return, Amazon reads your cookie and retrieves your cart
The 'Remember me' checkbox on login forms stores an authentication token in a persistent cookie, so you don't have to log in again for weeks
Online advertising networks use third-party cookies to track which websites you visit across the web — this use, far from the original shopping-cart purpose, is why cookie consent banners now appear on every European website under GDPR
Why it matters
The bigger picture
Cookies are simultaneously one of the most essential and most controversial technologies on the web. Without them, every website would be stateless — no logins, no shopping carts, no personalization. With them came persistent tracking, behavioral advertising, and privacy concerns that led to GDPR, the California Consumer Privacy Act, and a decade-long effort by browser vendors to phase out third-party cookies. Montulli's invention solved a real problem and created a lasting one. Google's multi-year effort to replace third-party cookies with the Privacy Sandbox shows how fundamental — and how difficult to replace — this 1994 invention remains.
Filed
October 6, 1995
Granted
June 30, 1998
Claim 1 — Plain English
What this patent covers
This patent describes a system for maintaining 'persistent client state' in the otherwise stateless HTTP protocol. HTTP was designed as a simple request-response protocol — each page load is independent, with no memory of previous requests. Cookies solve this by having the server send a small piece of data (the cookie) with its response, which the browser stores locally. On every subsequent request to the same server, the browser automatically includes the cookie in its request headers. The server reads the cookie and uses it to identify the user or recall their preferences. Cookies can be session-based (disappearing when you close the browser) or persistent (stored on disk with an expiration date).
The clever bit
Montulli invented cookies in 1994 while working at Netscape, specifically to solve a problem for an early e-commerce site (MCI): how to implement a shopping cart without requiring users to log in. The web's stateless design meant every page load forgot everything about the previous one — you'd have to re-add your items to the cart on every click. Montulli's solution was to store a unique session identifier in a small text file on the user's computer. The name 'cookie' comes from Unix 'magic cookies' — tokens passed between programs to maintain state. The shopping cart use case seems obvious in retrospect, but at the time it required inventing an entirely new mechanism for how browsers and servers communicate.
What it does not cover
- localStorage and sessionStorage — newer browser APIs for client-side storage that don't automatically send data to servers
- Server-side sessions (where the cookie only holds a session ID and all data lives on the server) — the patent covers the client-side storage mechanism, not specific implementations
- Third-party tracking cookies — the use of cookies by advertisers to track users across sites was not the invention's intent
- Secure/HttpOnly cookie flags — these security attributes came later and are not part of this patent
Patent Journey
From filing to expiry
Patent Filed
1995
Patent Granted
1998 · 3yr after filing
Highly Cited
508 patents cite this
Patent Expired
2015
PatentBrief Score
Impact Score
Strong
Citation count
40/40
Highly cited
Claim breadth
20/20
Very broad protection
Recency
0/20
Older than 20 years
Assignee scale
0/20
Independent or smaller assignee
PatentBrief Impact Score — based on citation count, claim breadth, recency, and assignee scale. Not a legal assessment.
The original legal language
Original claims
31 claims as filed with the patent office.
Glossary
Key terms defined
- session cookie
- A cookie with no expiration date that is deleted when the browser is closed
- persistent state
- Information that survives across multiple request-response cycles — what cookies were designed to enable
- persistent cookie
- A cookie with an expiration date stored on disk, surviving browser restarts
- stateless protocol
- HTTP's design where each request is independent — the server has no inherent memory of previous requests from the same client
Citations
Patent lineage
Stay in the loop
Get a weekly digest of new patents.
One email per week. No spam. Unsubscribe anytime.
Keep exploring
Related patents you should know
US 12564871 · 2026
A Fixture for Cleaning Showerheads with Multiple Separate Chambers
This patent describes a cleaning device for showerheads that uses a fixture with three or more separate internal compartments and channels to direct cleaning fluid to the showerhead's upper surfaces.
ASM IP HOLDING BV
US 12324579 · 2025
Surgical Stapler Battery Health Check During Operation
This patent describes a powered surgical stapler that can detect if some of its rechargeable battery cells are damaged while it's actually firing staples, helping ensure the procedure finishes safely.
CILAG GMBH INT
US 12471982 · 2025
Surgical Tool That Combines Energy Treatment and Stapling
CILAG's patent details a surgical instrument that applies therapeutic energy to tissue, monitors its properties, then deploys staples, adapting the stapling based on the initial energy treatment and monitoring.
CILAG GMBH INT
US 11918209 · 2024
Real-Time Surgical Instrument Status on Live Video During Operations
This patent describes a surgical system that shows live video from inside the body and overlays important information about the surgical tool directly onto the screen, helping surgeons operate more precisely.
CILAG GMBH INT
US 8697359 · 2014
How to Use CRISPR-Cas9 to Edit Genes in Human Cells
This patent describes a method and system for precisely altering gene expression in eukaryotic cells, including human cells, using an engineered CRISPR-Cas9 system that targets and cleaves specific DNA sequences.
Massachusetts Institute of Technology
US 4683195 · 1987
How to Make Many Copies of a Specific DNA Segment
This patent describes the Polymerase Chain Reaction (PCR), a fundamental process for making millions of copies of a specific DNA or RNA segment from a tiny sample, enabling its detection.
Cetus Corp
Semantically similar
You might also find these interesting
US 5960411 · 1999 · Amazon com Inc
How Amazon's One-Click Online Ordering System Works
US 5347632 · 1994 · Prodigy Services Co
How Early Online Services Delivered Applications Using Networked 'Objects'
US 4200770 · 1980 · Leland Stanford Junior University
The Math That Makes Every HTTPS Connection Secure
US 5838906 · 1998 · University of California San Diego UCSD
Microsoft's Browser Patent — At the Center of the Biggest Antitrust Case in Tech
Patent monitoring