Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win


session cookie

Posted on 2000-05-12
Medium Priority
Last Modified: 2010-03-05
i want to set session cookie,
i saw some cookies of 32 bits from other web sites,
how can they set them?
how to generate a 32bits session cookie?
any one can provide me the code and explaination?
Question by:mwhuen
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
LVL 16

Accepted Solution

maneshr earned 60 total points
ID: 2805525
"...i saw some cookies of 32 bits from other web sites, "

as far as i know there is nothing call as a 32 bit cookie.
can you send the web site that gave you this cookie??

here are limitations on the number of cookies that a client can store at any one time. This is a specification of the  minimum number of cookies that a client should be prepared to receive and store.
*          300 total cookies
*         4 kilobytes per cookie, where the name and the OPAQUE_STRING combine to form the 4 kilobyte limit.
*          20 cookies per server or domain. (note that completely specified hosts and domains are treated as separate entities and have a 20 cookie limitation for each, not combined)

     Servers should not expect clients to be able to exceed these limits. When the 300 cookie limit or the 20 cookie per server limit is exceeded, clients should delete the least recently used cookie. When a cookie larger than 4 kilobytes is encountered the cookie should be trimmed to fit, but the name should remain intact as long as it is less than 4 kilobytes.
if you are looking a PERL based code that will set and read cookies, i have the same.

pl. let me know if you want it.

Expert Comment

ID: 2806411
i mean the value of the cookie is 32bit long.

cookie(-name=>bighuen, -value=>'12345678901234567890123456789012')

the value is 32 bits long,

how can i randomly generate it?
the reason for 32bit is for security?
any security in setting cookies?

LVL 84

Expert Comment

ID: 2806462
Do you mean 32 bits, or 32 digits?
``Anyone who attempts to generate random numbers by deterministic means is, of course, living in a state of sin.'' --John von Neumann
A problem with using rand to generate secure random numbers is that an attacker can deduce the seed to reproduce your values
You might try to pre-generate a list of random values to use, using the PGP key generator, or taking a large set of  Math::TrulyRandom values and hashing it down with a cryptographically strong hash function...
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.


Author Comment

ID: 2826985
i mean 32 digits,
how can i generate secure cookies?
can you show some examples or codes?

Author Comment

ID: 2933927
Comment accepted as answer

Author Comment

ID: 2933928
i still can't get an good answer about session cookie/value.
LVL 16

Expert Comment

ID: 2933986
"i still can't get an good answer about session cookie/value."

i think in that case you should not have awarded the points to me.

i would suggest that you explain clearly what you are looking for. in the explanation above you have mentioned about 32 bit secure cookies.

you need to let us know..

* if you are setting the cookie from a secure server (https://www.xyz.com..).
* if you want the session id to be 32 chars in length.


Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I've just discovered very important differences between Windows an Unix formats in Perl,at least 5.xx.. MOST IMPORTANT: Use Unix file format while saving Your script. otherwise it will have ^M s or smth likely weird in the EOL, Then DO NOT use m…
Many time we need to work with multiple files all together. If its windows system then we can use some GUI based editor to accomplish our task. But what if you are on putty or have only CLI(Command Line Interface) as an option to  edit your files. I…
Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…
Six Sigma Control Plans

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question