Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions

session cookie

Posted on 2000-05-12
Last Modified: 2010-03-05
i want to set session cookie,
i saw some cookies of 32 bits from other web sites,
how can they set them?
how to generate a 32bits session cookie?
any one can provide me the code and explaination?
Question by:mwhuen
LVL 16

Accepted Solution

maneshr earned 20 total points
ID: 2805525
"...i saw some cookies of 32 bits from other web sites, "

as far as i know there is nothing call as a 32 bit cookie.
can you send the web site that gave you this cookie??

here are limitations on the number of cookies that a client can store at any one time. This is a specification of the  minimum number of cookies that a client should be prepared to receive and store.
*          300 total cookies
*         4 kilobytes per cookie, where the name and the OPAQUE_STRING combine to form the 4 kilobyte limit.
*          20 cookies per server or domain. (note that completely specified hosts and domains are treated as separate entities and have a 20 cookie limitation for each, not combined)

     Servers should not expect clients to be able to exceed these limits. When the 300 cookie limit or the 20 cookie per server limit is exceeded, clients should delete the least recently used cookie. When a cookie larger than 4 kilobytes is encountered the cookie should be trimmed to fit, but the name should remain intact as long as it is less than 4 kilobytes.
if you are looking a PERL based code that will set and read cookies, i have the same.

pl. let me know if you want it.

Expert Comment

ID: 2806411
i mean the value of the cookie is 32bit long.

cookie(-name=>bighuen, -value=>'12345678901234567890123456789012')

the value is 32 bits long,

how can i randomly generate it?
the reason for 32bit is for security?
any security in setting cookies?

LVL 84

Expert Comment

ID: 2806462
Do you mean 32 bits, or 32 digits?
``Anyone who attempts to generate random numbers by deterministic means is, of course, living in a state of sin.'' --John von Neumann
A problem with using rand to generate secure random numbers is that an attacker can deduce the seed to reproduce your values
You might try to pre-generate a list of random values to use, using the PGP key generator, or taking a large set of  Math::TrulyRandom values and hashing it down with a cryptographically strong hash function...
Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.


Author Comment

ID: 2826985
i mean 32 digits,
how can i generate secure cookies?
can you show some examples or codes?

Author Comment

ID: 2933927
Comment accepted as answer

Author Comment

ID: 2933928
i still can't get an good answer about session cookie/value.
LVL 16

Expert Comment

ID: 2933986
"i still can't get an good answer about session cookie/value."

i think in that case you should not have awarded the points to me.

i would suggest that you explain clearly what you are looking for. in the explanation above you have mentioned about 32 bit secure cookies.

you need to let us know..

* if you are setting the cookie from a secure server (https://www.xyz.com..).
* if you want the session id to be 32 chars in length.


Featured Post

Announcing the Most Valuable Experts of 2016

MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Many time we need to work with multiple files all together. If its windows system then we can use some GUI based editor to accomplish our task. But what if you are on putty or have only CLI(Command Line Interface) as an option to  edit your files. I…
There are many situations when we need to display the data in sorted order. For example: Student details by name or by rank or by total marks etc. If you are working on data driven based projects then you will use sorting techniques very frequently.…
Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…

808 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question