Space in string cookies value will break the cookie like javascript: http://blogs.bytecode.com.au/glen/2005/06/08/1118184073080.html

Problem of deleting cookie using setMaxAge(0): http://blogs.bytecode.com.au/glen/2006/03/31/1143750630535.html

Protecting Your Cookies: HttpOnly, ( Set-Cookie: ASP.NET_SessionId=ig2fac55; path=/; HttpOnly ) - http://www.codinghorror.com/blog/archives/001167.html

Other than cookie, other client side storge API, localStorage,IndexedDB,File API - http://www.drdobbs.com/article/print?articleId=232900805&siteSectionName=web-development