Assuming the remote server is using cookies rather than session IDs (you can find out by closing your browser and then trying to reconnect without logging in: if you can, then it's cookies; otherwise, it's sessions)

I am confused. This doesn't make sense to me.

The site is using cookies, I'm certain. It's not passing session vars around. But closing and restarting the browser would only prove whether there were cookies which expired at some later date, instead of at the end of the session. Those are the "remember me" type cookies.

And, as I know that the site is sending cookies to my browser, why is Mech not getting those cookies and writing them to the cookies file? It knows where the file is and can write to it. But it doesn't write any cookies.