ASP Request.Cookies

HTTP is known as a stateless protocol. After a browser and server have completed an HTTP transaction, no information (such as data submitted through an HTML Form) is retained. This loss of user information occurs when the user moves from page to page in a Web site and when a user leaves one Web site for another. Cookies were developed as a way to retain user data between Web pages or visits to a Web site. A cookie consists of one or more name-value pairs sent to a browser from a Web server. The browser stores these cookies in a text file (called cookie.txt). Although you cannot store much information in any one cookie, they are still useful for:

1. Identifying returning users: Many sites store a unique user ID in a cookie and then use the cookie value to retrieve user information from a database.
2. Tracking a user's order: Many sites that maintain "shopping carts" to store a record of items to be purchased use cookies to track the cart's contents.
3. ASP's Session object: The ASP Session object uses a session cookie (different from a browser cookie) to retain user information as the user goes to various parts of the Web site.

In this lesson, we explain retrieving cookie values that were set prior to our reading them. Setting initial or updated cookie values uses the ASP Response object, which will be described in an upcoming lesson.

When you visit a Web site, the server can send a cookie to your machine to be retrieved during a future visit. The next time you visit that Web site, your browser checks the Web site's network address and looks for cookies that match. If a matching cookie is found, it is sent to the server as part of the browser's request. In theory, cookies are a way for Web sites to "borrow" a very small part of a user's hard drive space. As more and more Web sites began to use cookies, the amount of space taken up on users' computers has grown enormously. Also, cookies appeared that were shared among a number of related Web sites which accumulated information on the Web travels of users. As a result, more users now block cookies through their browser's settings or delete their cookies regularly.
When you create your own Web application with ASP, don't rely solely on the capability to write a cookie and retrieve it at a later date. There are many users who will not accept the cookie, and it is a poor design practice to create an application that crashes because an expected cookie was not found.

• How do I Enable Cookies and Disable Cookies?
  This section will tell you how to enable cookies (turning cookies on) and also how to disable them. Since cookies are maintained by your web browser, the method for enabling or disabling them will vary depending on which browser you are using.
  

  Firefox 7.0 and newer	Use the 'Tools->Options' menu item (may be under the Firefox button), then choose the 'Privacy' tab. Set the 'Firefox will:' option to 'Use custom settings for history'. Now you can choose whether cookies are enabled for websites you visit and third party websites, and if so how long they will persist. You can also use the 'Exceptions' button to override the settings for particular websites.
  Google Chrome 5.0	Choose 'Options' on the 'Cutomize and control' menu, then open the 'Under the Bonnet' tab. In the 'Privacy' section, click on the 'Content settings...' button and open the 'Cookies tab. Set the required cookie behaviour and use the 'Exceptions...' button (if required) to configure specific websites.
  Apple Safari 5.1	Choose 'Preferences...' on the 'Settings' or 'Edit' menu (Windows) or the Safari menu (MacOS), then open the 'Privacy' tab. Now set the required cookie behaviour.
  Apple iOS (iPhone, iPad)	From the home screen tap the 'Settings' icon, then choose 'Safari'. Find the 'Accept Cookies' option and set the required cookie behaviour.
  Android browser	Tap the 'Internet' icon to start the browser, then press the phone's menu button. From the list of options, choose 'More', and then select 'Settings', then 'Privacy and Security'. Scroll down the resulting list and check or uncheck the 'Accept Cookies' item.
  Android Chrome	Start Chrome, then open the options menu and scroll down to 'Settings', followed by 'Site setttings'. You can now choose whether to allow sites to save and read cookie data.

On our course project T-shirt store Web site, we could use a cookie to store the preferred T-shirt size for a customer to avoid requesting this same information each time the user visits the site. Once the cookie, called "ShirtSize", had been created, we could read the cookie's contents and write the value (for example, XL) to the user's browser with this code segment:

<TD>Preferred size:</TD>
<TD><%= Request.Cookies("ShirtSize") %></TD>

And here is what is displayed on the user's browser:

Preferred size: XXL

The previous example used a single-value cookie, but you can also create nested cookies, or keys^[1]. For example, we could store all the user's T-shirt preferences in a single cookie and have keys store attributes like size, color, and crew neck vs. V-neck. When the user returned to our Web site, we could store or display those preferences in a table after reading them from the cookie. Because we can reference each piece of data, we could use our user's information to display only that part of our inventory that matches our user's preferences. The next lesson describes the ASP Response object.
Display Cookie Values in a Table

<TABLE>
<tr>
     <TD>Size</TD>
     <TD>
          <%= Request.Cookies("Preferences")("Size")%>
     </TD>
</TR>
<tr>
     <TD>Neck style</TD>
     <TD>
          <%= Request.Cookies("Preferences")("Neck")%>
     </TD>
</TR>
</TABLE>

[1]Key: A key specifies a particular element within a collection. For example a collection of first names might use a last name as a key, and Bill Smith's first name could be retrieved with: FirstNames("Smith").