[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now


ASP- server cookies

Posted on 2004-11-01
Medium Priority
Last Modified: 2012-06-27
Ok, to be blunt, I am really frustrated.

I need to know what a server cookie is, and how to use one and I can't find anything on it. people keep mentioning session variables and server cookies as if they were the same thing, are they???????

Now I don't mean cookies that reside on a user's computer, I mean cookies that reside on a server.

Please, please, please tell me what a server cookie is and how to use it.

I am using plain old ASP, not ASP.NET.

Thank you!
Question by:vanauden
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
LVL 26

Expert Comment

ID: 12469019
Well, I've seen server cookies used in the context of network load balancing, but I'm pretty sure that's not what you're talking about.

The only thing I can think of is:

1.  They don't know what they're talking about; cookies are client-side things.  Calling a Session Variable a cookie is just silly, IMHO.

2.  They're talking about Server-to-Server HTTP requests, where your local server will need to process, persist, and supply cookies to the remote server.  For example, you aggregate an RSS news feed on your server, then send it to the client.  You may need to provide cookies from your server to the remote server when you make your request, and it may send you cookies in it's response.  The ServerXMLHTTPRequest object uses WinHTTP for these requests, and here's some MSDN info on how WinHTTP uses cookies:


These are, in fact, regular old cookies, but they're stored on the server.

Mike Sharp
LVL 15

Expert Comment

ID: 12470659
LVL 15

Expert Comment

ID: 12470755
just look at it this way cookies refer to client side data that stored in the computer of the user. Now session varaibles are varibales that is stored on the server. But session variables is only active or usable for a scpecific amount of time but if you close the browser all session variables is lost. Unlike cookies it can be used for a specified time since it reside on the user computer it can be access again and again as long as it is not reach the specified time.(day, month...)

you can look at this link..



Happy programming...
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!


Accepted Solution

techjosh earned 2000 total points
ID: 12470846
"Server Cookie" is, I believe, a misnomer.  At least, its not something I've ever heard of.  What I believe you are referring to is the cookie that ASP creates for every session.  The cookie is sent to the client the first time the browser loads a page in that application.  It allows the server to identify that browser session and to use the proper session variables when displaying pages.

The cookie itself looks something like this: ASPSESSIONIDXXX=XXXXXXXXXXXXXXXXXXXXXXXXXXXXX
where the 'X' characters are some random alphanumeric characters.

This cookie makes it possible to use the Session object to persist values across page requests.  The ASP engine automagically looks up the proper session object to use for each response based on the cookie used in each request.  If the browser does not send that cookie, the ASP engine will assume that this request is a new session and send a new cookie.

So, to answer at least part of your question, cookies are essential for session variables to work.  They are not the same thing as session variables exist only at the server while cookies exist at, and are transmitted back and forth between, the server and browser.  Cookies can be used for other things besides temoprarily storing the ASPSESSIONID cookie, though.  They can store people's logon names, passwords, etc...  can be manipulated in the browser using javascript, and can persist for a long time in your browser's cache.  Session variables exist only for the duration of that session, but are more secure because their contents don't leave the server.

Author Comment

ID: 12473347
Hi techjosh

Thank you for the clear explanation. That tell me that I want to use session variables for what I want to do.

I fail to see why people would talk about "server cookies" if they don't exist. Just say "session variable" if that is what you mean!

A member of Experts-Exchange actually mentioned this term to me to help me on a related problem (I have been having trouble with a bingo/tictactoe game). (This is not a flame - merely information) However, it is not the first time I hear/read it.

here is the link--- http://www.experts-exchange.com/Databases/Microsoft_SQL_Server/Q_21188473.html#12469710

It is mentioned in the fourth message from the bottom.

Anyway, the point is moot. your answer gave me what I needed. A clear explanation.

Thank you, as well, to the rest of you who helped!
LVL 26

Expert Comment

ID: 12476251
Remember though, if the user's browser does not accept cookies, you won't be able to use session variables in ASP.  

In general, web applications that maintain state between requests are not good design, unless there's some compelling reason to to it.  They're expensive in terms of server resources (less so if you preserve session state in a DB).  Make sure you really need them before using them; there may be a more efficient stateless way of accomplishing whatever your goal is.  I've seen them used a lot of times out of "convenience" when there is a better way.  An example of this is a set of forms-processing pages.  When the user clicks submit on each form as they work through a set of pages, it's better to capture state in hidden form fields, submitting these each time along with the new values than it is to "remember" previous pages the user submitted.  Of course, you don't store sensitive information in this type of field!  

Stateless almost always scales better.  And it eliminates an entire class of bugs, just as pure functions are more robust than functions that exhibit side effects.  I've been doing web development for a long time, and it's pretty rare to "need" session variables in an application.  They are usually the result of either poor application design, or programmer laziness.  

That said, if any type of authentication/log in is needed, a session cookie and it's corresponding server-side session variable is probably necessary.  Just don't store things in session variables that should be put elsewhere.
Mike Sharp


Featured Post


Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Shoutout to Emily Plummer (http://www.experts-exchange.com/members/eplummer26.html) for giving me this article! She did most of it, I just finished it up and posted it for her :)    Introduction In a previous article (http://www.experts-exchang…
What is Node.js? Node.js is a server side scripting language much like PHP or ASP but is used to implement the complete package of HTTP webserver and application framework. The difference is that Node.js’s execution engine is asynchronous and event…
The viewer will learn how to create and use a small PHP class to apply a watermark to an image. This video shows the viewer the setup for the PHP watermark as well as important coding language. Continue to Part 2 to learn the core code used in creat…
HTML5 has deprecated a few of the older ways of showing media as well as offering up a new way to create games and animations. Audio, video, and canvas are just a few of the adjustments made between XHTML and HTML5. As we learned in our last micr…
Suggested Courses

656 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question