JavaScript - Cookies
In a Nutshell - CIW Course Section 2, Part A2, Chapter 2
Overview
There is a lot of controversy about cookies - they are good, they are harmless - or they are dangerous and an invasion of privacy. The truth is, they can be both. A reputable web site will use them to personalise your Web experience, and in this respect, they can be very beneficial. Less reputable sites will attempt to use them for more nefarious purposes, like monitoring your browsing habits. They are not dangerous in terms of harbouring viruses or Trojans - they are text files that cannot execute like a script or a program.
Cookies are simple text files stored on the client's hard drive by a Web site when the user visits that site. Most browsers will have settings that can prevent cookies being stored, or limit them to recognised sites only. A lot of online shopping sites will use cookies and I enable cookies for the shopping sites I use, but reject cookies from all other sites.
Cookies can be persistent or stateless, which means they will remain on your hard drive, until the expiration date, after you leave the Web site that created them, or they will be deleted as soon as you leave the Web site.
Storing Cookies
Cookies are stored on the hard disk of the client computer. The client system can store a maximum of 300 cookies. An individual Web site, or domain, can create up to 20 cookies. I am forced to question the 300 cookie limit, as I have just checked my hard drive and found 794 cookies!
Every cookie header can contain up to four parameters: name, expires, path and domain. To actually set a cookie you build a string value in the format:
| name=value;expires=date;path=path;domain=domain |
This string value is then assigned to document.cookie, and that's it.
Note: The string value assigned to a cookie cannot contain spaces and certain punctuation marks, so use the escape() function to format it with the necessary escape characters. If expires is not specified, the cookie will be deleted after the current session.