HTML and CSS Reference
In-Depth Information
Information is exchanged using the same Hypertext Transfer Protocol (HTTP) used for
retrieving the contents of the Web page. This is because each transfer includes a header
section that contains information about the document (such as its MIME data type) and
allows for general information in the form:
field-name:ƒfield-value
These field-name/field-value pairs contain information that can be stored in a user's
cookie.
To store this information on a Web server, a Web programmer must add the Set-
Cookie statement to the header section of the CGI script. The Set-Cookie statement is
used the first time the user accesses the Web page. Four parameters are often set with
cookies:
name
,
expires
,
path
, and
domain
. The syntax is:
Set-Cookie:ƒname=
text
;ƒexpires=
date
;ƒpath=
text
;ƒdomain=
text
;ƒsecure
The
name
parameter defines the name of the cookie, and its value cannot contain spaces,
commas, or semicolons. The
expire
parameter indicates the date the information
expires; if no
expire
parameter is included, the cookie expires when the user's browsing
session ends. The
path
parameter indicates the URL path portion to which that cookie
applies; setting this value to / allows the cookie to be accessed from any folder within the
Web site. The
domain
parameter specifies the URL domain portion to which the cookie
applies (usually the domain name of the current document). Finally, the
secure
param-
eter indicates that the data should be transferred over a secure link—one that uses file
encryption.
Once the initial cookie is created, the browser sends the Cookie statement in the
header section of the transfer the next time the user accesses the Web page. The syntax
of this statement is
Cookie:ƒ
name1:value1;ƒname2:value2;
ƒ...
where
name1
is the first field name (whatever that might be) and
value1
is the value of
the first field. The statement can contain as many field/value pairs as needed by the Web
page so long as the total size of the cookie doesn't exceed 4 kilobytes.
Once the Web server retrieves the cookie field names and values, the CGI script pro-
cesses them. Because CGI programming is beyond the scope of this topic, you'll focus
on working with cookies on the client side with JavaScript.
Working with the Cookie Property
JavaScript uses the
cookie
property of the document object to retrieve and update
cookie information. The
cookie
property is simply a text string containing all of the field/
value pairs used by the cookie, with each pair separated by a semicolon. To set a value
for a cookie, you would use the
document.cookie
property with the form
document.cookie='cookie1=OrderForm;ƒexpires=Mon,ƒ06-Apr-
2015ƒ12:00:00ƒGMT;ƒpath=”/”;ƒsecure';
where the cookie contains the
cookie1
field with the value
OrderForm
. This particular
cookie expires at noon on Monday, April 6, 2015. Because the path value equals /, this
cookie is accessible from any folder within the Web site. The
secure
property has been
set, so any transfer of information involving this cookie must use file encryption. Note that
this is a long text string, with the string value enclosed in single quotation marks.
If your Web page had an online form named
Orders
, you could create additional
field/value pairs using the form names and values as follows:
document.cookie='cookie1=OrderForm;ƒname='+document.Orders.Name.
value+';ƒcustid=+'document.Orders.CustId.value;
