80 likes | 210 Views
Lesson 8. Cookies. What is a cookie. A little “tarball†of information stored on the client machine’s hard drive. Usually in the cookies.txt file information can be placed in the cookies.txt file two ways: by the client using Javascript
E N D
Lesson 8 Cookies
What is a cookie • A little “tarball” of information stored on the client machine’s hard drive. • Usually in the cookies.txt file • information can be placed in the cookies.txt file two ways: • by the client using Javascript • by the server placing the cookie in the HTTP Response Header • in this case, you’ll usually be asked it its OK to save the cookie by your browser • the “tarball” consists of name value pairs
Cookie facts • Cookies are domain specific cookie information can only be retrieved by servers in the same domain that set the cookie; • If you set a cookie from Javascript it can only be retrieved by Javascript • Cookies are properties of documents ( there is a document.cookie) • Cookie records can contain: • cookie domain (domain of the server) • whether it need a sucure connection to access the cookie • pathname of URL capable of accessing the cookie • expiration date • name/value pairs
Cookie limitations • Not everyone has a cookie-friendly browser (but most people do). • Not everyone who has a cookie-friendly browser will accept your cookies (but most people will). • Each domain is allotted only 20 cookies (on a specific client machine), so use them sparingly. • Cookies must be no larger than 4 KB. That's just over 4,000 characters, which is plenty.
Life Cycle of Cookies • When you start up your browser the contents of cookies.txt is loaded into memory • during a browser session, cookies (including new ones) are kept in memory for speed reasons • in memory cookies are written to cookies.txt when you shut down the browser • cookies without expiration dates won’t be written to cookies.txt • cookies with expiration dates will be persistent in cookies.txt until Netscape removed (when they expire)
Setting cookies • Setting cookies is more frequently done by servers passing a cookie in the HTTP response header • assign the information to document.cookie • successive assignments are not destructive, they keep appending to what is already there • Javascript limits what you can assign from the client as follows: Document.cookie = “cookieName = cookieData [ ; expires = timeInGMTString] [ ; path = pathName ] [ ; domain = domainName ] [ ; secure ]
More... • Name/data - each cookie must have a name and data; data can contain no spaces (this implies URL encoding , use function escape( ) and unescape( ) • expires - must be in GMT format (use toGMTString function); if expires is omitted cookie is temporary and won’t be written to cookies.txt • path - for client side cookies just use the default • Domain - to help synchronize cookie data across a set of documents for the specified domain (this is known as the cookie domain) • SECURE - this is really for server-side cookies, so omit it.
Multiple name/value pairs Function getCookieData(label) { var labelLen = label.length var cLen = document.cookie.length var I = 0 var cEnd while ( i < cLen) { var j = I + labelLen if ( document.cookie.substring( I , j ) == label ) { cEnd = document.cookie.indexOf (“:”) , j) if (cEnd = = -1 ) { cEnd = document.cookie.length } return unescape(document.cookie.substring(j,cEnd) } i++ } return “ “ } • If you want to save multiple name value pairs make sure you separate them with some character so you can parse them out (like a “:”)