What Is a Cookie?
A "cookie" is a small piece of information which a CGI script can store
with a web browser and later read back from that browser.
To create a cookie, an application sends a "Set-Cookie" HTTP header
line like this one in response to a URL access from a browser:
Set-Cookie: NAME=VALUE; expires=DATE; path=PATH; domain=DOMAIN_NAME; secure
All of these fields except NAME=VALUE are optional. It is recommended
to set the DOMAIN and PATH, as some browsers do not recognize the cookie,
if they are not set.
NAME and VALUE are the actual information you're including in the cookie.
DATE is the time at which the cookie information expires and will be "forgotten"
by the browser.
DOMAIN is a host or domain name for which the cookie is valid.
PATH specifies a subset of the URLs at that server for which the cookie
If you include "secure" in your cookie, then the cookie will only be transmitted
over an SSL connection.
Whenever the browser sends an HTTP request for a URL on a server for
which it has stored cookies, it includes a line of the form:
Cookie: NAME=VALUE; NAME=VALUE; ...
which lists all cookies that apply, which can be read by calling the Web
Server/400 Get Environment Variable API.
Examples of Using Cookies
Setting a Cookie
Here is an example of the HTML generated by the store application to set
Set-Cookie: ITEMS=PROD1,1&PROD2,2; path=/qsys/merchant/; domain=www.xyz.com
This sets a cookie that stores that the user selected one of PROD1 and
two of PROD2. Since there is no expiration date, the cookie will disappear
when the customer closes the browser.
Reading a Cookie
To read the cookie the store calls the Web Server/400 Get Environment Variable
API. It passes in an environment variable of "HTTP_COOKIE" which returns
Deleting a Cookie
To delete a cookie, you can set the value of the cookie to blank.
Here is an example of the HTML generated by the store application to clear
the cookie after the order has been completed:
Set-Cookie: ITEMS=; path=/qsys/merchant/; domain=www.xyz.com
Advantages and Disadvantages of Using Cookies
We used cookies in our application to allow us to store what the user has
selected to be ordered. We used cookies for the following reasons:
The disadvantages of using cookies for this application are:
The data becomes attached to the customer. If he/she starts to make an
order and then jumps to a different HTML document and returns later, the
items that had been selected earlier are still selected.
The Order Form could be on several screens, with each screen adding information
to the cookie.
If a user has an old browser that doesn't support cookies, this application
will not work.
In some browsers a user can turn on a warning everytime an application
attempts to write a cookie. If the user accepts the cookie, everything