Do you own a vacation rental property? Advertise here and get worldwide exposure for your vacation rentals today!.

   What are 'cookies'?!?

If you just want to know how to enable or disable cookies, and want to be spared all the gory details, see this FAQ.  Besides, your 8 year-old can explain it to you whenever you want.

You've been warned...

What are Cookies?
Internet Cookies are a small piece of data stored locally by your browser that saves information and helps identify you to web sites upon subsequent visits. In the hands of a skilled webmaster, the cookie offers limitless possibilities in the areas of web customization and user tracking. Cookies are like little identification cards passed out by web sites. Like conventional ID cards, cookies are carried with the user, they store information to help identify you, and they expire at a certain date and then must be reissued. Also, as you probably have different cards for your local department store, the movie rentals, and the library, you are issued different and separate cookies by different web servers. Each browser can accept up to 20 cookies by a single web server and can have as many as 300 cookies total on file at any one time.

A cookie is sent as an HTTP header from the web server and the transmitted information is stored locally in a text file. A cookie can be as large as 4 kilobytes or 4000 characters in length. Cookies are not shared by browsers. Depending on the browser you're using, cookies you download will be stored in different ways and in different places on the hard disk. Netscape stores all cookies in one text file called cookies.txt on the PC or magiccookie on the Mac. If you open cookies.txt you'll see that each cookie has its own line and they are grouped by domain. Internet Explorer stores cookies from each domain in seperate text files stored with the cache. All the cookies in one file are stored in one string separated by delimiters. Below is an example of the HTTP header responsible for sending a cookie.

Set-Cookie: name=value; expires=date; path=pathname; domain=domainname; secure

Each cookie has six definable attributes: a name, a value, an expiration date, the domain for which the cookie can be read, the path in which the cookie can be read, and a Boolean security setting.

Name: The name of the cookie.

Value: The value associated with the cookie.

Expires: The date that, when reached, invalidates the cookie. The date must be given in the following format: Wdy, DD-Mon-YYYY HH:MM:SS GMT. If an expiration date is not specifically defined, the cookies will expire at the end of the session (when the browser is closed) by default. If the cookie's expiration date is set to the current date/time or any date/time already passed, the cookie will be immediately expired and deleted.

Path: The path attribute defines a subset of directories in a domain for which the cookie is valid. The path will default to the root directory ("/") unless otherwise defined.

Domain: The domain for which the cookie is valid. A domain string of ".aol.com" would define "www.aol.com," "webmaster.info.aol.com," and in fact all sub-domains of aol.com as valid domains for the cookie. Be aware that a domain setting must have at least two periods. A cookie can only be read and modified by an object in the valid domain and path defined in the cookie when it was created. The domain path can not be set to send cookies to a domain outside of the domain where the server creating the cookie resides. The domain attribute is set to the domain of the document sending the cookie by default.

Secure: The secure attribute is Boolean. If the attribute is defined, there must be a secure https connection present in order for the cookie to be sent. If the attribute is not defined, the cookie will not require a secure connection to be sent.

An Example
You run a site where people can come to download shareware software. Before users can access your site, you'd like them to agree to a one-time license agreement absolving you of responsibility if one of the pieces of software on your site causes harm to a visitor's system. The key here is that after agreeing to your terms once, you don't want to bother your visitors again. In this situation, you need some way to distinguish visitors that have already agreed from new visitors who have not. Time to bring out the cookies! After reading and agreeing to a license agreement, a webmaster might choose to send users a cookie named 'TOAbool' with a value of 'true' and an expiration date of 'Thu, 31-Dec-2020 00:00:00 GMT.' Now when those users who have agreed to your terms revisit the web site they will have the TOAbool cookie from your domain that can be read by the web server. The webmaster can use that cookie to allow users with that cookie to bypass the terms of agreement page. They'll only have to bother with it once as long as they have the cookie. They'll be good to go until the year 2020 unless the user manually deletes the cookie from the system. By the same token, users without that cookie resident can be directed to the agreement page.

Chocolate Chip or Pecan?
There are two different types of cookies distinguished by the expiration date: session and persistent cookies. Session cookies expire immediately after the user's "session" ends. This usually means that the cookie sticks around until the web browser is closed and then is purged. Persistent cookies, on the other hand, remain on the user's system until the expiration date defined within the cookie. A cookie expires after one session by default.

Cookie Recipe Basics
There are many methods of setting, reading, and manipulating cookies. You can add code to manipulate cookies in CGI scripts and even embed cookie HTTP requests directly into your HTML files. JavaScript, however, provides perhaps the simplest and most flexible interface for setting and manipulating cookies. Unfortunately, you cannot automatically assume that all users will have JavaScript turned on. For that matter you cannot be completely sure that all users will have cookies turned on. While both of the major Internet browsers allow users the option of surfing without JavaScript or cookies, both technologies are turned on by default. The great majority of Internet users visiting your site will be able to accept cookies and run JavaScript functions. Currently, most large web sites are utilizing both cookies and JavaScript in some capacity.

For more information on how to turn internet cookies on or off from within the browser, check out our enabling cookies FAQ.

In JavaScript, sending a cookie is as easy as declaring the document.cookie DOM object with the desired cookie string. For example consider the following JavaScript cookie definition:

document.cookie = "TOAbool = true; expires = Thu,31-Dec-2020 00:00:00 GMT;"

This line of code placed within a JavaScript block will define the cookie used in the user agreement example above. It's important to note that despite its appearance, this statement does not redefine the object document.cookie as the cookie string shown. Instead it appends the cookie as a sub-string to the end of a string of all cookies already received from a domain.



Copyright © 2004 - 2009 GreatFamilyRentals.com. All Rights Reserved. GreatFamilyRentals.com is a trademark of D & V Entertainment, Inc.