Cookie names and values set in Apex are URL encoded, that is,
characters such as @ are replaced with a percent sign and their hexadecimal representation.
The setCookies method adds the prefix
“apex__” to the cookie names.
Setting a cookie's value to null sends a cookie with
an empty string value instead of setting an expired attribute.
After you create a cookie, the properties of the cookie can't be changed.
Be careful when storing sensitive information in cookies. Pages are cached regardless of a
cookie value. If you use a cookie value to generate dynamic content, you should disable page
caching. For more information, see “Caching Force.comSites Pages” in the Salesforce online help.