if a surfer already has a cookie called "mycookie" and I send him a cookie when he visits my site, will the old value be overwritten or can he have a cookie named "mycookie" for every site he visits?
Is there anything I should keep in mind in naming cookies? Or can I name it whatever I want?
question about cookies
Moderator: General Moderators
-
jaymoore_299
- Forum Contributor
- Posts: 128
- Joined: Wed May 11, 2005 6:40 pm
- Contact:
mycookie will only be overwritten if the original mycookie came from your domain. Generally browsers treat http://www.yourdomain.com as a different domain than yourdomain.com, set set the domain of the cookie to .yourdomain.com, notice the dot in front. The browser will not (for obvious security concerns) send a cookie to your domain that was set to a different domain.
Also you can name your cookie whatever you want but I'd keep it under 10 characters alphanumeric, you never know when a PDA or older browser will deny a cookie
edit | guess there are some limits to the name as Buddha443556 pointed out
Also you can name your cookie whatever you want but I'd keep it under 10 characters alphanumeric, you never know when a PDA or older browser will deny a cookie
edit | guess there are some limits to the name as Buddha443556 pointed out
Last edited by josh on Sat Nov 12, 2005 1:08 pm, edited 2 times in total.
- Buddha443556
- Forum Regular
- Posts: 873
- Joined: Fri Mar 19, 2004 1:51 pm
Yes there are some limits when naming cookies set by RFC 2109. The cookie NAME is an attr which is a token which informally is a sequence of non-special, non-white space characters. Should definitely not begin with a $ as they are reserved for other uses. Cookies are associated with the domain that set them. You can overwrite your own cookies but should not be able to overwrite some other domains cookies (even if they have the same name) or vis a versa.