Cookies

Cookies

You may have noticed that Web sites are getting smarter by the day. The goal of a web site programmer should be to make the user's experience of the web site as easy and pleasant as possible. Clearly, well-designed pages with easily navigable layout are central to this, but they're not the whole story. We can one step further by learning about our user and using information gained about them to personalise the web site.

For example, when a user returns to a web site, whose name has already been asked when they first visited the web site, the web site could welcome them back by greeting them by their name. Another good example is given by a web site, such as Amazon's, which incorporates the 1-click purchasing system. By already knowing the user's purchasing details, such as credit card number and delivery address, we can allow the user to go from viewing a book to buying it in just one click, making the likelihood of them purchasing it greater. Also, based on information such as the previous purchases and browsing patterns of the user, it's possible to make book suggestions to the user.

Such personalisation on web sites requires that information about the user is stored somewhere in between their visits to the web site. Accessing the user's local file system from a web application is pretty much off limits due to security restrictions included in browsers. However, web site developers can store small amounts of information in a special place on the user's local disc, using what is called a cookie.

A cookie is a small piece of information that's sent to your browser - along with an HTML page - when you access a particular site. When a cookie arrives, your browser generally saves this information to your hard drive; when you return to that site, some of the stored information will be sent back to the Web server, along with your new request.

Sites with "shopping carts" are a good example of cookies in action: You browse a series of Web pages for items to buy, and when you find something you want, you "add it" to your shopping cart by clicking a button on the page. Later, you can view these items all together.

Even though you're communicating through an "anonymous" connection, the site always knows exactly what's in your personal shopping cart. It doesn't seem to matter whether you've clicked away to somewhere else and come back, or even if you've completely shut down your computer and returned days later. The site still knows who you are, and what you were shopping for.

Cookies are very important in today's web site development. This is due to many reasons. The addition of a simple, persistent, client-side state significantly extends the capabilities of Web-based client/server applications. Shopping applications can also now store information about currently selected items and sites can store per-user preferences on the client and have the client supply those preferences each time they connect. The main reason they are mainly needed is because sites providing services for which a fee is required can store registration information on the client and by retrieving it avoid the necessity of the user retyping a user-id on the next connection.

Creating your First Cookie

The key to cookies is the document object's cookie property. Using this property you can both create and retrieve cookie data from within JavaScript coding. We can set a cookie by setting document . cookie to a cookie string. The cookie string will be mentioned later in the essay. This is how to create a simple example of a cookie and see where the information is stored on the user's computer.

The Cookie

The following code will set a cookie with the information that UserName is Paul, and with an expiry date of 28 December 2010.

This page is saved as FreshBakedCookie.htm in the examples folder. You can view cookies without using code varies with the browser you are using. Below will explain how with IE, and NN.

Viewing cookies in IE

You can look at the cookies that are already stored by IE on your computer. You could load in the cookie-creating page created above, to see what it does. First you will need to open up IE. Your first have to clear the temporary Internet file folder for the browser, this will make it easier to view the cookies the browser has stored. After you have deleted these you can now look at the cookies you have currently residing on your machine. You should get a list of all the temporary pages and cookie files on your computer. The number of cookie files on your computer will vary, but shown over the page are those currently on mine:

The actual cookies, their names and values, will look slightly different depending on your computer's operating system. You can delete these cookies if you want. You can examine the contents of the cookies by double clicking them as seen below:

As you can see a cookie is just a plain old text file. Each web site, or domain name, has its own text file where all the cookies for that web site are stored. Try loading the FreshBakedCookie.htm page into the IE browser. This will set a cookie. As the cookie is creating from a web page that is stored on the local hard drive rather than a server, its domain name will be set in what directory it is in. When you open the cookie you should see all the information that was entered.

Viewing cookies in NN

There is no sharing of cookies between browsers, so the cookies stored when you visit web sites in an IE browser won't be available to NN and vice versa. NN keeps its cookies in a totally different place from IE, and the contents are viewed by a different means. Repeat the process and load the FreshBakedCookie.htm into the Netscape browser and view the cookie. Over the page shows the cookie in NN6:

Cookies work by a server when returning an HTTP object to a client, may also send a piece of state information which the client will store. Included in this state object (the cookie) is a description of the range of URLs for which that state is valid. Any future HTTP requests made by the client which fall in that range will include a transmittal of the current value of the state object from the client back to the server.

This issue with cookies tends to be a very big deal, this is mainly because of the security issues involved and also when we are

...