Blog Post RSS ?

Blogs » Web Tech » 3 Things About Cookies You May Not Know
« SitePoint shortlisted for best Australian web site
SitePoint at Web Directions South & Webjam »
 

3 Things About Cookies You May Not Know


  • Save to
    Del.icio.us

by Paul Annesley

If you’re ever stuck wondering why Live HTTP Headers and Firebug are telling you your “Cookie:” request headers don’t match the “Set-Cookie:” response headers you’ve just been sent, here’s a couple of points and gotchas worth remembering:

  1. A cookie can only be overwritten (or deleted) by a subsequent cookie exactly matching the name, path and domain of the original cookie. Even though a cookie with domain “.example.org” set by www.example.org is perfectly valid, it will not overwrite a previous cookie of the same name which was set against “www.example.org”. Instead, both cookies will be stored, and on subsequent requests only one will be sent.
  2. If multiple cookies of the same name match a given request URI, one is chosen by the browser.
    The more specific the path, the higher the precedence. However precedence based on other attributes, including the domain, is unspecified, and may vary between browsers. This means that if you have set cookies of the same name against “.example.org” and “www.example.org”, you can’t be sure which one will be sent back.
  3. The HTTP state object is called a cookie for no compelling reason according to the preliminary specification from Netscape.

This entry was posted on Monday, September 24th, 2007 at 1:01 pm, contains 191 words, and is filed under Web Tech. You can follow any responses to this entry through the RSS 2.0 feed. You can skip to the end and leave a response. Pinging is currently not allowed. The views and opinions in this blog post are those of its author.

This post has 4 responses so far

  1. Interlock Says:
    September 26th, 2007 at 6:48 am

    Also, Cookies are good with milk. Oh wait, wrong cookie.

     
  2. CookieMonster Says:
    September 27th, 2007 at 10:09 pm

    And they are good with a nice cup of tea.

     
  3. BiscuitMonster Says:
    September 29th, 2007 at 7:43 pm

    I’ve heard they make excellent coasters.

     
  4. Jonathan Landis Says:
    December 15th, 2007 at 7:44 pm

    The current standard for cookies is RFC 2965, and 2109 is obsolete. In the current standard, multiple cookies with the same name and different path/domain components are allowed, and they are sent by the browser in order from most-specific to least-specific. The current versions of both Firefox and IE behave according to the new standard.

     

Sponsored Links

Leave a response

You are not logged in, log in with your SitePoint Forum username and password.

-OR- Post Anonymously

* Make sure any code samples are escaped (i.e. ‘<b>’ becomes ‘&lt;b&gt;’).

If not logged in, your comments will be placed in a moderation queue. This means your comment may not appear until one of our moderators approves it.

Your Blogmaster is...

Paul Annesley

Paul Annesley

Paul is a Web Application Developer at SitePoint, most recently working on the ground-up rewrite of SitePoint Design Contests and its underlying framework.

Subscribe

SitePoint Newsletters

Get all the latest tips by signing up to all of SitePoint’s informative newsletters.

HTML   Plain

SitePoint Blogs

SitePoint Marketplace

Buy, Sell, Trade

Buy and sell Websites, templates, domain names, hosting, graphics and more.

Logo Design, Web page Design and more!

99designs

  • Custom logo designs created ‘just for you’.
  • Pick the design you like best.
  • Only pay if you’re satisfied with the result.

Want More Traffic?

Get up to five quotes from qualified SEO specialists, with no obligation!

Get A Free SEO Quote Now!

Posting Code Snippets

Feel free to enter code snippets into your comments in the following format.

Marking Up Your Code
<pre>
<code class='html'> 
code snippet 
</code>
</pre>

Be sure to escape any HTML snippets (i.e. '<' becomes '&lt;' ).

Supported language classes include:

  • XML, HTML, XSLT and any other XML style code
  • CSS
  • C#
  • VB & VB.NET
  • Delphi, Pascal
  • JavaScript
  • PHP
  • Python
  • SQL