Databases and Cookies - Key Points About Cookies
(Page 2 of 13 )
After teaching the concepts and techniques of cookies to several classes, I have found that the same concepts cause confusion for many people. This section provides explanations for those problems areas. Note that these explanations are in the context of a site designer working with ASP-ADO, and are generalities. Other site design tools offer their own techniques for working with cookies. In each case there are a few exceptions, but it helps my students to understand the core ideas first, then deal with exceptions later.
Cookies are created by an ASP page Many people wonder how the cookie gets set in the first place. It is not automatic. There is nothing built into the server or the browser that automatically sets cookies. The cookie-making process starts with several lines of code that you write in a page of your site. When the visitor opens that page, the lines of code instruct the browser to create the cookie. In summary, the script of the page instructs the browser to carry out the cookie baking.
Cookies are located on the visitor's machine Cookies are stored on the hard drive of the browser's machine. Each cookie has several pieces of data:
- Which domain (web site) set the cookie
- A date of expiration for this cookie
- One or more pieces of data
- Optional: keys that organize multiple data in folder-like groups
Note that the browser knows that a particular domain set a particular cookie.
The mechanism of how cookies are stored and organized on the user's PC is browser-specific As programmers, we can write an ASP page that tells the browser to create a cookie. We do not need to know any further specifics about how the browser creates the cookie since the browser performs the actual writing. Many students ask about the intricacies of how cookies are formatted and organized on the disk, but that topic is not part of ASP-ADO, it is part of a course in programming IE or Netscape. As programmers, we only need to know that all browsers have the ability to receive and carry out generic (not browser-specific) instructions regarding cookies. To summarize, to the programmer all browsers have the same interface regarding cookies. The details of carrying out the job vary between browsers, but that does not concern us in this book.
Cookies do not persist unless instructed Cookies, by default, only last as long as the browser is open. To make a cookie persist beyond the current session of the browser, you as the programmer must set an expiration date for some day in the future.
Cookies have size limits The WWW standards for browsers specify that they must support at least 300 cookies. That is a total from all websites, so the server that sets the 301st cookie erases the first cookie. In addition, each cookie size cannot exceed 4KB. There is also a limit of about 250 keys per cookie. In practical work, the limits on keys are not a problem. However, a very active web surfer could exceed the number of cookies supported by her browser. As covered below, it is important to have your site prepared for the non-existence of cookies.
When a request is made to a domain, all of the cookies set by that domain are automatically sent along with the request Prior to sending an URL request to the ISP, the browser checks to see if there are any cookies that have been set by that domain. If there are, then the browser copies the cookie's data into the header and sends it with the URL. Now consider this from the server side; this means that all of the cookies you set are available to you, as the programmer, in each and every page request sent from the browser. You can extract the cookie data and use it in the first response page. To repeat, when reading cookies you do not make a separate trip to the browser to get the cookies; all the cookies set by your domain are sitting right in the Request object, having been sent to the server by the browser with the original request.
This is from Beginning ASP Databases by Kauffman, Spencer, and Willis (Apress, ISBN 1590592492). Check it out at your favorite bookstore today.
Buy this book now. |
Next: Looking at your cookies >>
More ASP.NET Articles
More By Apress Publishing