Cookie names and values set in Apex are URL encoded, that is, characters such as @ are
replaced with a percent sign and their hexadecimal representation.
The setCookies method adds the prefix
“apex__” to the cookie names.
Setting a cookie's value to null sends a cookie
with an empty string value instead of setting an expired attribute.
After you create a cookie, the properties of the cookie can't be changed.
Be careful when storing sensitive information in cookies. Pages are cached regardless of
a cookie value. If you use a cookie value to generate dynamic content, you should disable
page caching. For more information, see “Cache Salesforce Sites Pages” in
the Salesforce Help.