50 cookies just by logging into chess.com

Hey Chess.com,

Just by logging into chess.com I got about 50 cookies.  @chess.com admins, whats going on that you need to do that?

1. launch Safari
2. go to chess.com. Make sure this is the only tab you have open
3. Got to Safari menu
4. settings
5. privacy
6. manage website data
7. remove all

At this point you only have chess.com open and should not have any cookies since you just cleared them.  

1. refresh the page
2. This will cause chess.com to get you to login again
3. Repeat the steps above to see the cookies.
4. Thats all the cookies you just got by simply logging into chess.com

wtf?

Hmm. I looked and didn't see a lot of other posts about the cookies on Chess.com.

Is the number (50) unusual for a gaming site?

Its unnecessary and reflects tracking and/or advertising, despite my being a paying member.

Hmm. How do you know that it's unnecessary?

I took the time to track down Chess.com cookies on Google Chrome and was able to get to a list. I only had 30.

Most of them were unintelligible to me but one tracked whether I used dark mode or light mode.

That seems necessary.

A cookie is just a key-value pair. It can contain anything, you really have no idea what it contains. Any piece of data whatsosever the developer wanted to store in local storage, in the browser, and sync with the server, can be stored as a cookie. And this site is made up of an enumerable amount of data. So it's quite a meaningless comment. 
For example, the fact you have logged in, and the time, is probably stored as a cookie so you don't have to login again. 
Dark mode is another good example. 
Furthermore, if the developer wanted to, they could probably condense that 50-cookie set into fewer cookies, but the same data would be there.
So it's a meaningless comment which reflects how little you understand what's going on, more than anything nefarious about the site.

If you feel it's a meaningless comment, then feel free to ignore it. If not, I suggest you try it and see the list of sites that store cookies and you'll see they have nothing at all to do with chess.com

????

Dunce - a cookie is not a network request to some 3rd party, it is a local piece of data which gets sent to chess.com servers simply to keep you in sync with them. It can store the results of a network request, because it can store anything, but it doesn't have to. Every single cookie stored by chess.com is associated with the domain chess.com. It is a nonsensical statement that you just made. Here's a list of all chess.com cookies in my browser. Look at the domain name. And the cookie name is meaningful within the code, obviously it's not meaningful to you since you've never seen the chess.com codebase, that isn't something that's public:

hi

I don't love cookies either. I use a blocker and a Pi Hole on my local network. However, if you want even the slightest bit of convenience, you have to have some cookies. It just is what it is. I've decided what balance of privacy vs. convenience I'm okay with, I might suggest you do the same.

Dudes - back in the late 90s people worried about cookies because network requests were generally unencrypted - they used http - hence it was possible for hackers nearby to sniff your network calls, and see what data was in the cookies. Nowdays... https is enforced on mobile devices, and modern browsers essentially enforce https via displaying large warning messages whenever you visit a site without it. Chess.com, if you look up at the top left of your browser at the URL, you will see HTTPS there. In other words - no one can possibly snoop in your cookies. This is not the late 90s anymore. In terms of the level of access to information there is absolutely no difference between a site which uses cookies, and a site which doesn't. And the cookies are only sent to the site you're on. This security restriction is enforced at the browser level. Now, sites can make 3rd party network requests, but that has nothing to do with cookies whatsoever.

What a cookie does is... lets say you closed chess.com, and then you opened it again. Your login state was stored as a cookie, and so when you visit chess.com the 2nd time... it knows you're already logged in. 
You're not telling anything new to chess.com - you already logged in once before.

Im sorry but if you spend your time worrying about cookies I would suggest either getting educated or getting medicated.

Rat, I think you misunderstood me. I know how cookies and HTTPS work—I’ve done ethical hacking for companies, so I’m not speaking out of ignorance. My point wasn’t about outdated security issues but about privacy and tracking concerns.

Cookies, especially third-party ones, are commonly used to track users across sites, which is a valid privacy concern regardless of HTTPS. Blocking them isn’t just about preventing old-school network sniffing; it’s about limiting unnecessary data collection and targeted advertising.

If you’re fine with how sites use your data, that’s your choice. I was just suggesting people find their own balance between privacy and convenience, not claiming the sky is falling. No need to talk down to me.