So I have a website which I've recently been trying to optimise as it looks to webpagetest. I'm keenly aware of my novice status here, but I'm trying to cover all the basic stuff.
Anyway, I noticed that the server was sending cookies, for example:
where the 'x' is a digit 0..9 (since I don't know what the number represents I blanked it)Response Headers:
HTTP/1.1 200 OK
Set-Cookie: 90plan=Rxxxxxxxxxx; path=/; expires=Fri, 02-Mar-2012 02:30:01 GMT
Date: Tue, 28 Feb 2012 14:20:55 GMT
Server: Apache/2.2.X (OVH)
Keep-Alive: timeout=5, max=100
Content-Type: text/html; charset=UTF-8
The expires bit might conceivably be down to caching headers (which I've been adding). But I don't think the '90plan' bit is down to anything I've done. I'd quite like it not to happen unless there's a technical necessity. Because otherwise, as I understand it, fairly recent changes in the law make it illegal to serve cookies without getting permission first! Even if it's a technical requirement, I think declaring it is legally required.