Even if you write a whole cookie string to document.cookie, when you read it out again, you can only see the name-value pair of it. Such cookies are called “session cookies”. That's where SameSite=Lax comes in by allowing the cookie to be sent with these top-level navigations. This isn't particularly useful for anyone since promo_shown isn't used for anything on this other person's site, it's just adding overhead to the request. If you have suggestions what to improve - please. If you want to not emit the value you can set the SameSite property on a cookie to -1. So the server knows who made the request. This document defines the HTTP Cookie and Set-Cookie header fields. Cookies are usually set by a web-server using the response Set-Cookie HTTP-header. document.cookie provides access to cookies, Updating or deleting must use same path and domain, video courses on JavaScript and Frameworks, Next time when the request is sent to the same domain, the browser sends the cookie over the net using the. One of the most widespread use cases is authentication: We can also access cookies from the browser, using document.cookie property. In Firefox and Safari, the document.cookie DOM property matches the Cookie header, including omission of cookies that were restricted by SameSite navigation rules. We can’t set any domain. Also, some modern browsers employ special policies for such cookies: If we load a script from a third-party domain, like