.gif)
ASP.NET Cookies Overview
A cookie is a small piece of text stored on user's computer. Usually, information is stored as name-value pairs. Cookies are used by websites to keep track of visitors. The cookie contains information the Web application can read whenever the user visits the site.
Scenarios when we use cookie
In Web applications we can use Cookies to store user-specific information. For example, when a user visits your site, you can use cookie to store user preferences or login information. When the user visits your Web site next time, the application can retrieve the information it stored earlier in cookie.
How Cookies work in Background
A cookie is a small bit of text that accompanies requests and pages as they go between the Web server and browser. The cookie contains information the Web application can read whenever the user visits the site.
For example, if any user requests a page from your site and your application send a cookie with page that containing the user login information, when the user browser gets the page, the browser also gets the cookie, which it stores in a folder on the user hard disk.
next time when that user requests a page from your site again, when the user enters the URL then browser looks on the local hard disk for a cookie associated with that URL. If browser find any cookie, the browser sends the cookie to your site with the page request. Your application can then get the user login information. You might use the information.
All Cookies are associated with a Web site, not with a specific page, so the browser and server will exchange cookie information no matter what page the user requests from your site.
Limitations of Cookie
cookies can store information up to 4096 bytes(4 kb). Because of this small limit, cookies are best used to store small amounts of data. Most browsers allow only 20 cookies per site; if you try to store more, the oldest cookies are discarded. Some browsers also put an absolute limit, usually 300, on the number of cookies they will accept from all sites combined.
Writing Cookies
It is browser responsibility to manage cookies on a user system. Cookies are sent to the browser which request the url via the HttpResponse object that have a collection called Cookies.we can access the HttpResponse object as the Response property of your Page class. When creating a cookie, you must specify a Name and Value. every cookie must have a unique name it will help you to identified later when reading it from the browser.
You can also set expiration date and time for a cookie.The cookies that are expired will be deleted by the browser when a user visits the site that wrote the cookies.
Note:A users can clear the cookies on their computer at any time. Even if cookies has long expiration times.If you have not set the cookie's expiration,then the cookie will be deleted when user close the browser.
In the following example i am showing two methods to write cookies:
Response.Cookies["MyName"].Value = "Shanti";
Response.Cookies["MyName"].Expires = DateTime.Now.AddDays(10);
HttpCookie MyCookie = new HttpCookie("YourName");
MyCookie.Value = "Rajesh";
MyCookie.Expires = DateTime.Now.AddDays(1);
Response.Cookies.Add(MyCookie);
The above example adds two cookies to the Cookies collection, one named MyName and the other named YourName.
Writing Cookies having More Than One Value
we can store multiple name-value pairs in a single cookie. The name-value pairs are referred to as subkeys.by writing this type of cookie we can put related infomation in a single cookie.A cookie that contains subkeys also helps you limit the size of cookie files. because cookies are usually limited to 4096 bytes and you can't store more than 20 cookies per site.
Response.Cookies["AllName"]["Myname"] = "Shanti";
Response.Cookies["AllName"]["Yourname"] = "Rajesh";
Response.Cookies["AllName"].Expires = DateTime.Now.AddDays(10);
HttpCookie aCookie = new HttpCookie("AllName");
aCookie.Values["Myname"] = "Shanti";
aCookie.Values["yourname"] = "Rajesh";
aCookie.Expires = DateTime.Now.AddDays(10);
Response.Cookies.Add(AllName);
Reading a Cookies
we can read the cookies using the HttpRequest object.
if (Request.Cookies["Myname"] != null)
lbmyname.text = "My name is " + Request.Cookies["Myname"].Value + "!";
if (Request.Cookies["Yourname"] != null)
lbYourname.text = "Your name is " + Request.Cookies["Yourname"].Value + "!";
Advantages:
Simplicity
Disadvantages:
Cookies can be disabled on user browsers .
Cookies are transmitted for each HTTP request/response causing overhead on bandwidth .
Inappropriate for sensitive data.
