HTML and CSS Reference
cookies on the local browser, eliminating the need for the server-side program to handle
them, and thereby cutting down on server activity. The cookie's default lifetime is the
length of the current session; then they are destroyed. See the expiration attribute dis-
Cookies are composed of text in the form of name/value pairs, often nicknamed
“crumbs,” and up to 20 pairs can be stored in a single cookie string. The browser stores
only one cookie per page.
When making cookies, the crumbs consist of name=value pairs, called attributes, that
must be terminated with a semicolon. Within the string, semicolons, commas, or
whitespace characters are not allowed. The HTTP Set-Cookie header has the following
Set-Cookie: name=value; [expires=date};[path=path];
Set-Cookie: id="Bob";expires=Monday, 21-Oct-05 12:00:00
GMT;domain="bbb.com"; path="/"; secure;
When setting the cookie, it is important to understand the components of a cookie. It
has a name and a value and another set of optional attributes to determine the expiration
date, the domain, path, and whether the cookie must be sent over a secure communica-
tions channel (HTTPS). All of these attributes are assigned as strings.
Name. The actual cookie text consists of the name of the cookie and the value stored
there. It can be a session ID, a user name, or whatever you like.
Don't confuse the value with what the cookie is named. The name of the cookie is on
the left side of the = sign and the cookie text that gets stored there is on the right side.