Below is a list of Cookies Squarespace uses (check here often for the most updated version of this list):

 

Functional and Required Cookies

 

Name Purpose, type, and duration

_acloggedin    ·       Supports login by Scheduling client if the
client has an account.
·       Cookie
·       January 1, 2025

_client_acloggedin ·       Supports login by Scheduling client if the
client has an account.
·       Cookie
·       January 1, 2025 

algoliasearch-client-js ·       Adds auto-populated suggestions to
address fields in Scheduling to help
clients complete forms faster.
·       localstorage
·       Persistent

CART ·       Shows when a visitor adds a product to
their cart
·       Cookie
·       2 weeks

CHECKOUT_WEBSITE ·       Identifies the correct site for checkout
when  Checkout on Your Domain  is
disabled.
·       Cookie
·       Session

client_username ·       Remembers a logged in Scheduling
client's username between visits
·       Cookie
·       1 year

Commerce-checkout-state ·       Stores state of checkout while the visitor
is completing their order in PayPal
·       sessionstorage
·       Session

Crumb ·       Prevents  cross-site request forgery (CSRF).
·       Cookie
·       Session

hasCart ·       Tells Squarespace that the visitor has a
cart
·       Cookie
·       2 weeks 

Locked ·       Prevents the password-protected screen
from displaying if a visitor enters the
correct site-wide password. 
·       Cookie
·       Session

PHPSESSID ·       Securely authenticates a visitor during
their checkout in Scheduling.
·       Cookie
·       1 month

RecentRedirect ·       Prevents redirect loops if a site
has  custom URL redirects. Redirect loops
are bad for SEO.
·       Cookie
·       30 minutes

remember_client ·       Remembers Scheduling client’s login
details if they have an account.
·       Cookie
·       365 days 

siteUserCrumb ·       Prevents  cross-site request forgery
(CSRF)  for logged in site users.
·       Cookie
·       3 years

SiteUserInfo ·       Identifies a visitor who logs into
a  customer account
·       Cookie
·       3 years

SiteUserSecureAuthToken ·       Authenticates a visitor who logs into a
customer account
·       Cookie
·       3 years

squarespace-announcement-bar ·       Prevents the  announcement bar  from
displaying if a visitor dismisses it
·       localstorage
·       Persistent

squarespace-likes ·       Shows when you've already "liked" a
blog post.
·       localstorage
·       Persistent

squarespace-popup-overlay ·       Prevents the promotional pop-up  from
displaying if a visitor dismisses it
·       localstorage
·       Persistent

ss_cookieAllowed ·       Remembers if a visitor agreed to placing
Analytics cookies on their browser if a
site is restricting the placement of
cookies
·       Cookie
·       30 days

ss_sd ·       Ensures that visitors on the  Squarespace
5 platform  remain authenticated during
their sessions.
·       Cookie
·       Session

Test ·       Investigates if the browser supports
cookies and prevents errors.
·       Cookie
·       Session

TZ ·       Allows a Scheduling client’s
appointments to display correctly based
on their time zone preferences.
·       localstorage
·       Persistent

Cross-site request forgery (CSRF)

CSRF is an attack vector that tricks a browser into taking unwanted action in an application when someone’s logged in.

 

Analytics and Performance Cookies

  

Cookie Name Duration Purpose

ss_cid 2 years Identifies unique visitors and tracks a
visitor’s sessions on a site

ss_cpvisit 2 years Identifies unique visitors and tracks a
visitor’s sessions on a site

ss_cvisit 30 minutes Identifies unique visitors and tracks a
visitor’s sessions on a site

ss_cvr 2 years Identifies unique visitors and tracks a
visitor’s sessions on a site

ss_cvt 30 minutes Identifies unique visitors and tracks a
visitor’s sessions on a site