4. HTTP Cookies

A cookie is a piece of data that is issued by a server in an HTTP response and stored for future use by the HTTP client. The client then re-supplies the cookie value in subsequent requests to the same server. This mechanism allows the server to store user preferences and identity individual users.

4.1 Setting Cookies

Servers supply cookies by populating the set-cookie response header with the following details:

Name	Name of the cookie
Value	Textual value to be held by the cookie
Expires	Date/time when the cookie should be discarded by the browser. If this field is empty the cookie expires at the end of the current browser session. This field can also be used to delete a cookie by setting a date/time in the past.
Path	Path below which the cookie should be supplied by the browser.
Domain	Web site domain to which this cookie applies. This will default to the current domain and attempts to set cookies on other domains are subject to the privacy controls built into the browser.

These fields allow a server to create, modify, delete, and control which parts of a web site will receive the cookie.

4.2 Retrieving Cookies

Whenever a client is about to make an HTTP request it consults its local cookie store to see if any unexpired cookies match the path and domain it is about to use. Any matching cookie values are submitted back to the server using the cookie header.

Example 4

Using HttpWatch with Example 4   To view the use of cookies on this page: Open the HttpWatch window by clicking on the HttpWatch icon on the toolbar Click on Record to start logging requests in HttpWatch Use the form above to create or edit cookies for this page Optional: You can add a filter to only capture access to this page by adding a 'URL contains' condition with the value "cookies/" To view cookies for this page, select its entry in the HttpWatch log and go to the Cookies tab

 

<< Previous (3. Status Codes and Error)    Next >> (5. Caching)