Duffbert's Random Musings

Document Number:  7003813

Abstract
General information on cookies, including what is a cookie, where there are saved, how to set and retrieve them, and how to view them.

Content
This document covers the following areas:

1.        What is a Cookie?
2.        Where are Cookie Text Files Saved?
3.        $$HTMLHead
4.        HTTP_Cookie
5.        Cookie Tip


1. What is a Cookie?

The cookie mechanism allows a web server to store pieces of information on the client computer through the web browser.  These pieces of information, known as cookies, are stored on the client machine.  It is difficult or impossible for another web site to access a cookie which it did not set.

Most of the time, web servers set and retrieve cookie information using CGI scripts or Java programs, but it is possible to do basic cookie manipulations with Domino using the META tag in HTML headers files. Using $$HTMLHead, META HTTP-EQUIV can be used to send a set-cookie command. (Details below.)

A cookie is first stored in the browser cache.  When the browser quits, the cookie is stored in the cookie text file if there is an expiration date and if the expiration date is later than the current date.

This cookie can then be retrieved with an HTTP_Cookie field by the server which set it.  The HTTP_Cookie field is populated with the variable name and the contents/value of the cookie.  Only the cookie which was set by this server is returned to the HTTP_Cookie field.

2. Where are Cookie Text Files Saved?

Netscape Navigator:

Netscape Navigator stores cookies in a single text file with one row per cookie, listing the domain name and path of the web site which set the cookie.  The file name is cookies.txt under Windows in the Netscape directory and Magic Cookie on a Mac in the Netscape folder which is in the Preferences folder which is in the System folder.

Microsoft Internet Explorer:

Microsoft Internet Explorer stores each cookie as a separate text file named with the site domain name.  The filename is guest@<domainName>.txt under Windows in the Cookie directory in the Windows directory.

These files contain some binary data but can be viewed using any text editor.  The files should not be manually edited as they can easily be damaged by being edited and saved with a text editor.

3. $$HTMLHead

HTML code may be placed in the header area of an HTML document by creating a computed field named $$HTMLHead.  The formula for this field should contain HTML code in quotes with only HTML brackets <>. No square brackets [ ] are needed.

The following HTML in the header area of a Notes Web document will set a cookie with a variable called "var" with a value of "the Cookie" with the path of / (i.e. root) and with an expiration date of 11/9/99 at noon, GMT.

"<META HTTP-EQUIV=\"Set-cookie\" CONTENT=\"var=the Cookie;path=/;expires=Wednesday, 09-Nov-99 12:00:00 GMT;\">"

If the expires date is not included or is not set to a date later than the current date, the cookie will not be saved to the cookie text file when the browser is closed.

If a different path name is given, different cookies can be set for each path name.

Different values for different variable names may be set.  They are stored as separate cookies, but will all be retrieved for that site.

4. HTTP_Cookie

In order to retrieve the cookie information for a particular site and path name, create a computed field (of any type) with a formula of "".

When the .NSF file in that path is opened, this field will be populated with the cookie associated with that domain name and path in the form of variableName=value.  If more than one cookie is set for this domain and path, the values are delimited by a semi-colon:

"var1=cookie content; var2=more cookie content".

More complicated work with the cookie process can be accomplished using CGI scripts or Java.

5. Cookie Tip:

If a cookie is currently set in the browser memory, the following command entered in the URL box of the browser will display the cookie value at any time:

JavaScript: alert(document.cookie);

Related Documents:

Additional general information about the cookie mechanism includes:

Persistent Client State HTTP Cookies available from Netscape's web site at:

http://home.netscape.com/newsref/std/cookie_spec.html