Cookies and browser storage

The site currently relies on browser storage more than marketing-style cookies. This page lists the current storage items and related server-side identifiers used by the live repo.

Last updated Operator The Echo Archives, a Continental project

No ad-tech layer

The live public site can use cookieless Plausible pageview analytics, but it does not use advertising cookies or cross-site marketing trackers.

Browser-scoped memory

Ask the Archivist uses session storage, and the show-page rating widget uses anonymous browser identifiers.

Maintainer-only auth

Protected moderation routes can set a short-lived session cookie, but public browsing does not require a login.

Operator and scope

What this page covers

The Echo Archives is operated as a Continental project.

This page covers first-party cookies, sessionStorage, localStorage, and the small number of related server-side identifiers that matter for the current community-rating flow. For broader personal-data handling, see Privacy.

Storage inventory

Current storage list

Name or key Type Purpose Duration When it is set
echo-archives-chat-v3 sessionStorage Keeps recent Ask the Archivist messages available after a refresh during the same browser session. Until the browser session ends or site data is cleared. After Ask the Archivist saves conversation history.
echo-community-profile-id localStorage Stores the linked anonymous community profile id used by the frontend to fetch and update your rating state. Until you clear site data or remove it manually. When the community rating feature initializes on a show page or when a rating action refreshes that profile.
echo-community-voter HTTP-only cookie Stores an anonymous device token used by the server to keep one device tied to one community-rating profile without a public account. Up to about 400 days after it is set, unless the browser clears it first. When the show-page community rating feature bootstraps an anonymous profile or when a rating request needs a voter token.
echo-maintainer-reviewed-by localStorage Remembers the maintainer’s “Reviewed by” value inside the protected submission queue UI. Until it is cleared or overwritten. When a maintainer saves or reuses a reviewer name in the protected moderation tools.
echo-maintainer-session HTTP-only cookie Keeps a maintainer signed in to the protected moderation routes. Up to about 12 hours after sign-in, or until logout/clear. After a successful maintainer sign-in.
community-rating abuse hash Server-side log Stores a hashed abuse-prevention signal used for rate limiting and community-rating moderation. Rolling retention window, currently 30 days by default. When a community rating is submitted or removed.
Essential and optional use

What kind of storage this is

The current storage items are functional or security-related. They support chat continuity, anonymous ratings, and maintainer authentication.

The live public site can send cookieless Plausible pageview analytics, but it does not currently use optional advertising cookies, analytics cookies, or cross-site marketing cookies. No separate preference-cookie layer is implemented today.

Community ratings

What happens on show pages

The current implementation can set the anonymous rating identifiers when the show-page community rating widget initializes, not only after you click a score. That means the rating cookie is tied to use of the rating feature itself, even before a vote is submitted.

In practical terms, the rating system currently uses both the HTTP-only voter cookie and the linked local profile id. The cookie is not readable from frontend JavaScript, while the local profile id is used by the browser-side rating UI.

Your controls

How to clear or limit storage

  • Clearing site data in your browser removes session storage, localStorage, and first-party cookies for the archive.
  • Blocking the archive’s cookies can interfere with anonymous community rating behavior.
  • Logging out of protected maintainer routes clears the maintainer session cookie.
Future changes

What happens if storage changes later

If optional analytics cookies, advertising cookies, or preference cookies are introduced later, this page should be updated with the purpose, duration, and whether that storage is essential or optional. The privacy page should be updated at the same time.

The current implementation does not add a cookie banner because the live analytics setup is intended to stay cookieless and the public site does not use optional marketing cookies.