Download (direct link):
126 Part II: Creating Dynamic Web Pages
Before I dive into the code, however, I explain exactly what cookies are and how they work.
To identify visitors: You can detect when a user has previously visited your site and customize what that user sees on subsequent visits. For example, you can greet visitors by name, tell them what’s changed on your site since their last visits, display customized pages based on their previous purchasing, their site navigation habits, and so on.
Cookie security issues
Cookies have been used safely for a few years now, and because their use is strictly governed by Web browsers, they rank mighty low on the list of potential security threats. Still, they are highly controversial in some programmer circles for two reasons:
Cookies jump the traditional bounds of a Web browser by storing information directly on users’ hard drives. Some folks fear that cookies can damage their computers by infecting their computers with viruses or by storing such huge amounts of data on their hard drives that their computers no longer work properly.
Chapter 6: That's How the Cookie Crumbles
• Where cookies are placed: Internet Explorer 6.x running on Windows XP, for example, stores cookies as individual text files and places them in the following directory:
C:\Documents and Settings\Owner\Cookies
Netscape Navigator 7.0 running on Windows XP bunches cookies together in a single file, called cookies.txt, and places that file in a random-generated directory name similar to the following:
C:\Documents and Settings\Owner\Application Data\Mozilla\profiles\default\ klambsdn.slt
• How large cookie files can be: Both Internet Explorer and Netscape Navigator limit cookie files to 4K.
• How many cookies any given Web site can place on a user’s hard drive: Both Internet Explorer and Netscape Navigator set the limit at 20 cookies per site and set an overall total of 300 cookies per browser.
• Which sites have access to cookies: Cookie visibility is configurable. (You see how to configure cookie access in the “Configuring cookie support” section in this chapter.)
Cookies enable Web developers to gather detailed marketing information about users without those users’ knowledge or consent. Using cookies in conjunction with client-side applications like CGI programs and Java applets, Web developers can save, examine, and interpret virtually every interaction between a user and a Web site. Every click, every keystroke, every credit card purchase can be used to customize what a user sees the next time he visits a cookie-enabled Web site.
Fortunately, users who feel uncomfortable with the Big Brother-like aspect of cookies have a choice: They can configure their browsers to limit cookie support or turn it off altogether. (You see an example of configuring cookies in the very next section.)
Looking at cookies from a user's perspective
One of the best ways to understand how cookies work is to take a look at them from a user’s perspective. In this section, I show you how to configure cookie support in your browser, visit a cookie-enabled site, and examine an
128 Part II: Creating Dynamic Web Pages
Configuring cookie support in Netscape Navigator 7.x.
Configuring cookie support
Netscape Navigator and Internet Explorer both allow users to specify a level of cookie support.
In Netscape Navigator 7.x, you configure cookie support by following these steps: