Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 156
  • Last Modified:

Long COOKIE Question

I'm investigating the use of cookies.  There seem to be two ways in which one can set a cookie.

(1) In the HTTP header (prior to the rest of the HTML doc being sent) using: Set-Cookie: NAME=VALUE; expires=DATE;path=PATH; domain=DOMAIN_NAME; secure

(2) In the header of the HTML Document using:
<meta http-equiv="Set-Cookie" content="NAME=VALUE; expires=DATE; path=PATH; domain=DOMAIN_NAME">

Both presumably amount to the same thing.
Q1.  Is this correct.  Are both these methods supported by all browsers which support cookie funcionality?

Q2. Does the Set-Cookie header have to be part of a CGI generated HTML page or can it just appear in any HTML page (this really only seems to apply to Set-Cookie format 2 above).

Q3. At what point is cookie actually set. Presumably as soon as the browser receives the header/http-equiv tag?

Q4.  Can the information in the cookie be updated?  I'm having problems with this.  Eg. lets say I want a counter (I don't, but lets say I do).  MY_CNT=0001.  I want to update this each time using the Set-Cookie: MY_CNT=0002 (etc).  Will this actually work? I can't seem to get it to.

Q5. Do you have any good URL on how to use cookies - I've got some basic pages but need more details and more step wise examples.

Thanks
0
martinbw
Asked:
martinbw
1 Solution
 
jceaCommented:
Q1.

Me correct method is (1). In fact, cookie support is voluntary. Old browsers (very old) don't support them. New browsers can disable support.

Q2.

If a browser accepts format (2) (most, if not all, do), cookie can be set in any HTML document.

Q3.

That's browser specific and can derive in race conditions. For example, main HTML document sets a cookie used in an inline graphic.

Q4.

Yes, simply update values. The machine which updates the cookie must have read access, that is, must match domain.

Using words from Netscape:
"Instances of the same path and name will overwrite each other,
with the latest instance taking precedence. Instances
of the same path but different names will add additional
mappings."

Q5.

Try Netscape site:
http://home.netscape.com/newsref/std/cookie_spec.html

0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now