Page 263 - DCAP408_WEB_PROGRAMMING
P. 263

Unit 11: Using Request Objects




          simple, persistent, client-side state significantly extends the capabilities of Web-based client/  Notes
          server applications.

          An Overview

          A server, when returning an HTTP object to a client, may also send a piece of state information
          which the client will store. Included in that state object is a description of the range of URLs for
          which that state is valid. Any future HTTP requests made by the client which fall in that range
          will include a transmittal of the current value of the state object from the client back to the
          server. The state object is called a cookie, for no compelling reason.
          This simple mechanism provides a powerful new tool which enables a host of new types of applications
          to be written for web-based environments. Shopping applications can now store information about
          the currently selected items, for fee services can send back registration information and free the
          client from retyping a user-id on next connection, sites can store per-user preferences on the client,
          and have the client supply those preferences every time that site is connected to.




             Did u know?  What is the specification of a cookie?
             A cookie is introduced to the client by including a Set-Cookie header as part of an HTTP
             response, typically this will be generated by a CGI script.

          Syntax of the Set-Cookie HTTP Response Header

          This is the format a CGI script would use to add to the HTTP headers a new piece of data which
          is to be stored by the client for later retrieval.
          Set-Cookie:  NAME=VALUE;  expires=DATE;
          path=PATH;  domain=DOMAIN_NAME;  secure
          NAME  =  VALUE
          This string is a sequence of characters excluding semi-colon, comma and white space. If there is
          a need to place such data in the name or value, some encoding method such as URL style %XX
          encoding is recommended, though no encoding is defined or required.

          This is the only required attribute on the Set-Cookie header.
          expires=DATE
          The expires attribute specifies a date string that defines the valid life time of that cookie. Once
          the expiration date has been reached, the cookie will no longer be stored or given out.
          The date string is formatted as:
          Wdy,  DD-Mon-YYYY  HH:MM:SS  GMT
          This is based on variations that the only legal time zone is GMT and the separators between the
          elements of the date must be dashes.
          Expires is an optional attribute. If not specified, the cookie will expire when the user’s session ends.




             Notes  There is a bug in Netscape Navigator version 1.1 and earlier. Only cookies whose
             path attribute is set explicitly to “/” will be properly saved between sessions if they have
             an expires attribute.
             domain=DOMAIN_NAME



                                           LOVELY PROFESSIONAL UNIVERSITY                                   257
   258   259   260   261   262   263   264   265   266   267   268