About Our Cookies

Quick Cookie Primer

Skip the Primer

If you already have a basic understaning of cookies and just want information on the cookies the web application generates, you skip the primer by clicking on these links to go to the appropriate subsections.

Cookies set by the web application

Cookies which may be set by third parties through the application

About Cookies

Cookies are data which are specific for a particular website which are stored on a users browser and sent by the browser to the particular website anytime the user attempts to access the website. They are usually created and altered by the website according the way the user interacts with the website and the user then seamlessly tells the website all the information it has stored in the form of cookies every time they access the website.

Cookies are the primary means by which internet sites "remember" each user between browsing sessions. (A session is the time from when a user browses to a site to the time the user closes all windows and tabs associatied with the site.) By the use of cookies, a website can remember who a user is despite that the previous session may have ended days ago.

Cookies are used for a variety of purposes. The most common purpose they are used for is to remember the User Identity (UID) of a user for a particular website which in turn can allow the website to look up the data it has stored internal to itself about the user who has the cookie that the server created on their browser for them. This internal data can include anything from the version of browser and the dimensions of the screen upon which the website renders content, to user options like the preferred colours of the user, text-size or options that are specific to certain types of site.

Malignant Cookies

They can also be used to track user activities not only on the site that the user is visiting but on third party websites which are able to read cookies set by a website for other websites to read. Tracking cookies do not only store your options for a website but can identify across a huge swathe of websites and such sites can target content at those they track which can include advertising for commercial purposes by people who know you clicked on an advert for a train trip or a political candidate and are capable of being used for targeted propaganda at dissidents, people of influence and even people who some organisations may wish to keep in a bubble of false and misleading information for purposes which may not involve financial gain or profits as would fit into categories imagined by ordinary people where money is a scarce and all important matter to those who cant imagine a world composed of those who have never lacked money.

On this website, we tick the legal boxes of ensuring your privacy but then so do all the organisations showing privacy popups telling you they care so much about your privacy they are only going to share with their partners as soon as you click the annoying button preventing the flow of your browsing session. We don't share your data with anyone except the "authorities" and only then once the said "authorities" have fulfilled the legal requirements they need to follow like getting a court order and such like, indemnifying us from being sued by you because we gave away your private information to those who were not legally entitled. We will co-operate with the "authorities" but we strike a balance that the "authorities" must themselves be in compliance with the law.

We reserve a right to reveal your data without your permission in situations or imminent threat of death or torture, terrorism, state corruption and war. Outside of that, only if the law says we are required to divulge it.

Cookies Types

We separate cookies into four simple categories in describing who can see the cookies which are on your browser.

Session Cookies

These cookies are deleted at the end of every session and it would be rare for them to contain anything that could seriously violate your privacy. Perhaps the server wants to know what your screen size is during the current session so it can generate pages appropriate to the device dimensions. This could be stored in a session cookie but the next you access the website, the server will create a brand new session cookie serving the same purpose. Prior to version 0.3 of the web application, the "chatrooms section visiblity" and the "theme" being light or dark were stored on a session cookie which reset back to default values if the user left and came back again.

Third Party Cookies

Third party cookies are traditionally cookies which created for websites other than the website you are currently visiting. For example, you visit the website and it puts a cookie on your browser that can be read by any website and is intended that can read that cookie and make the connection that you exist elsewhere anytime you visit a whole range of websites.

Third party cookies were heavily exploited by organisations during the late HTTP 1.1 era and many browsers continue to allow users to block third party cookies with the caveat that on the modern internet, some sites may not work at all.

Samesite Cookies

A samesite cookie is a cookie which is created by a website specifically forbidding the cookie to be read by any website other than itself. These types of cookies are used by almost all websites which employ the use of cookies. The ability to be remembered by a site you signed up to logged into before is most often provided by samesite cookies.

Samesite Cookies by Third Parties

Social media and external authentication has encouraged techniques which were previously considered dangerous since they allowed third party websites to run programs on a website which was not their own. This was traditionally described as a cross site scripting XSS attack and far from a website just deliberately running a script from another site, alot of effort was made by maligned hackers to cause an external script to run on a website that was not their own such that alot of underlying technology had to be rewritten to prevent people from getting their scripts to run on someone elses website.

Samesite Cookies by Third Parties are a type of Samesite cookie which are appear to be created by the site that you are visiting and will not flag up as a third party cookie in a users browser but the cookies are ultimately being created by a script which is hosted on a third party website but is being run by the site you are visiting. The web application at the current time can run a script which is hosted by Facebook that creates cookies appearing to be created by the instance of the web application that a user is visiting. That is to say that a user visits, logs in using the facebook button and ends up with a samesite cookie for which were actually created by the script which was being hosted by facebook during the login procedure.

Cookies by Auranos


The auraTheme cookie is a samesite cookie which remebers the theme preferred by both members and anonymous users. At the current time (August 2020) there are two themes installed representing a dark mode like night time and a light mode like during the day.


The auraLogin cookie is a samesite cookie with potential privacy hazards as it stores the user identity (uid) for a user who has logged out. The uid is publishable and serves as a machine readable username for a member which allows members to alter their actual username at any time while keeping the same uid to which various other data may be attached to within the internal workings of the website and its web application instance.

This cookie is only created when a someone with a Basic Membership or greater opts to be remembered and logged in automatically every time they visit the site.


The auraLogin cookie is a samesite cookie with potential privacy hazard and a potential for security breach. In situations we will not disclose, anyone who gains knowledge of the value of the auraKey cookie has a potential to login to the account for the person to whom such a key has been issued.

This cookie is only created when a someone with a Basic Membership or greater opts to be remembered and logged in automatically every time they visit the site.

Third Party Cookies

Our Third Party Cookie Policy

With the possible exception of benign session cookies which are deleted at the end of each session and do not contain personally identifying information, the web application does not create any cookies which can be read by sites other than the site on which the instance of the Auranos.prg web application is running.

In saying this, in order to provide features that some websites employing an instance of the web application may desire to use, the use of Samesite Cookies by Third Parties is unavoidable if the certain features of the instance are enabled such as facebook logins.

The website owner should consult the list of enable commands in the file called settings.php in the auramain folder of the instance of the web application of the website to switch these features on and off.


Our website may be enabled to support logging in and signing up using Facebook as an Outside Authentication (OAuth) service provider. If you have logged in or signed up using the Facebook login then you will receive cookies which appear to be samesite cookies from our website but which were actually created by a script which is run through our site but hosted on Facebook.

At the current time (August 2020), Facebook will create two cookies which appear to be same-site/any-subdomain cookies from our website for anyone who logs in or signs up using the facebook login or continue as button. Their names are as described here:

fbm_############### (where # is digit from 0 to 9)

fbsr_############### (where # is digit from 0 to 9)

These cookies are only sent for "social members" who login to our site using the facebook login button and are not needed for members who have signed up for or upgraded from "social membership" to "Basic Membership".