Thread: ASP.NET Cookies Overview
View Single Post
  #2 (permalink)  
Old 11-09-2007, 04:34 AM
H2o H2o is offline
D-Web Analyst
  
Join Date: Jul 2007
Posts: 246
H2o is on a distinguished road
Default Re: ASP.NET Cookies Overview
Some more information about cookies

Cookie Scope

By default, all cookies for a site are stored together on the client, and all cookies are sent to the server with any request to that site. In other words, every page in a site gets all of the cookies for that site. However, you can set the scope of cookies in two ways:

Limit the scope of cookies to a folder on the server, which allows you to limit cookies to an application on the site.

Set scope to a domain, which allows you to specify which subdomains in a domain can access a cookie.

Limiting Cookies to a Folder or Application

To limit cookies to a folder on the server, set the cookie's Path property, as in the following example:

HttpCookie appCookie = new HttpCookie("AppCookie");
appCookie.Value = "written " + DateTime.Now.ToString();
appCookie.Expires = DateTime.Now.AddDays(1);
appCookie.Path = "/Application1";
Response.Cookies.Add(appCookie);


The path can either be a physical path under the site root or a virtual root. The effect will be that the cookie is available only to pages in the Application1 folder or virtual root. For example, if your site is called www.mysite.com, the cookie created in the previous example will be available to pages with the path http://www.mysite.com/Application1/ and to any pages beneath that folder. However, the cookie will not be available to pages in other applications such as http://www.mysite.com/Application2/ or just http://www.mysite.com/.

Note
In some browsers, the path is case sensitive. You cannot control how users type URLs into their browsers, but if your application depends on cookies tied to a specific path, be sure that the URLs in any hyperlinks you create match the case of the Path property value.


Limiting Cookie Domain Scope

By default, cookies are associated with a specific domain. For example, if your site is www.mysite.com, the cookies you write are sent to the server when users request any page from that site. (This might not include cookies with a specific path value.) If your site has subdomains—for example, mysite.com, sales.mysite.com, and support.mysite.com—then you can associate cookies with a specific subdomain. To do so, set the cookie's Domain property, as in this example:


Response.Cookies["domain"].Value = DateTime.Now.ToString();
Response.Cookies["domain"].Expires = DateTime.Now.AddDays(1);
Response.Cookies["domain"].Domain = "support.mysite.com";


When the domain is set in this way, the cookie will be available only to pages in the specified subdomain. You can also use the Domain property to create a cookie that can be shared among multiple subdomains, as shown in the following example:

Response.Cookies["domain"].Value = DateTime.Now.ToString();
Response.Cookies["domain"].Expires = DateTime.Now.AddDays(1);
Response.Cookies["domain"].Domain = "mysite.com";


The cookie will then be available to the primary domain as well as to sales.mysite.com and support.mysite.com domains.
__________________
H2O

Without us, no one can survive..
Reply With Quote