There are a few ways to create cookies
You can create a cookie at the server or client.
1. An Origin Experiment cookie. Note: SiteSpect manages the cookie expiration date. When in a visit, SiteSpect will maintain this cookie so that it correlates with the visit length. The cookie will be maintained with an expiration that is the same as the visit expiration (default of 30 minutes). All visits will have this cookie present while the Campaign is running.
2. Manually in a header declaration with an Origin Experiment (the HttpOnly flag can also be used)
3. With JavaScript (will not be seen by the server until the next page request). A script like this code would be added into a page with a search and replace Variation.
var minutes = 30, date = new Date();
date.setTime(date.getTime() + (minutes * 60 * 1000));
document.cookie = "myCookie=123; expires=" + date.toUTCString() + "; path=/; Secure; SameSite=Lax;";
Information on the SameSite attribute.
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite
Information on cookies in general
https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies