Click here to Skip to main content
15,868,016 members
Articles / Web Development / ASP.NET

Cookies in ASP.NET

Rate me:
Please Sign up or sign in to vote.
4.84/5 (88 votes)
25 Aug 2011CPOL3 min read 481.7K   11K   114   50
In this quick post, you will learn all about cookies used in web based applications.

Introduction

Cookies are also known by many names, HTTP Cookie, Web Cookie, Browser Cookie, Session Cookie, etc. Cookies are one of several ways to store data about web site visitors during the time when web server and browser are not connected. Common use of cookies is to remember users between visits. Practically, cookie is a small text file sent by web server and saved by web browser on client machine.

Use of Cookies?

Cookies may be used for authentication, identification of a user session, user's preferences, shopping cart contents, or anything else that can be accomplished through storing text data. Cookies can also be used for travelling of data from one page to another.

Is Cookies Secured?

Well, this question has no specific answers in YES or NO. Cookies could be stolen by hackers to gain access to a victim's web account. Even cookies are not software and they cannot be programmed like normal executable applications. Cookies cannot carry viruses and cannot install malware on the host computer. However, they can be used by spyware to track user's browsing activities.

Using Cookies

Creating/Writing Cookies

There are many ways to create cookies, I am going to outline some of them below:

Way 1 (by using HttpCookies class)

C#
//First Way
HttpCookie StudentCookies = new HttpCookie("StudentCookies");
StudentCookies.Value = TextBox1.Text;
StudentCookies.Expires = DateTime.Now.AddHours(1);
Response.Cookies.Add(StudentCookies);

Way 2 (by using Response directly)

C#
//Second Way
Response.Cookies["StudentCookies"].Value = TextBox1.Text;
Response.Cookies["StudentCookies"].Expires = DateTime.Now.AddDays(1);

Way 3 (multiple values in same cookie)

C#
//Writing Multiple values in single cookie
Response.Cookies["StudentCookies"]["RollNumber"] = TextBox1.Text;
Response.Cookies["StudentCookies"]["FirstName"] = "Abhimanyu";
Response.Cookies["StudentCookies"]["MiddleName"] = "Kumar";
Response.Cookies["StudentCookies"]["LastName"] = "Vatsa";
Response.Cookies["StudentCookies"]["TotalMarks"] = "499";
Response.Cookies["StudentCookies"].Expires = DateTime.Now.AddDays(1); 

Reading/Getting Cookies

In the above code, I have used many ways to write or create cookies so I need to write here using all the above ways separately.

For Way 1

C#
string roll = Request.Cookies["StudentCookies"].Value; //For First Way

For Way 2

C#
string roll = Request.Cookies["StudentCookies"].Value;  //For Second Way

For Way 3

C#
//For Multiple values in single cookie
string roll;
roll = Request.Cookies["StudentCookies"]["RollNumber"];
roll = roll + " " + Request.Cookies["StudentCookies"]["FirstName"];
roll = roll + " " + Request.Cookies["StudentCookies"]["MiddleName"];
roll = roll + " " + Request.Cookies["StudentCookies"]["LastName"];
roll = roll + " " + Request.Cookies["StudentCookies"]["TotalMarks"];
Label1.Text = roll; 

Deleting Cookies

In the above code, I have used many ways to create or read cookies. Now look at the code given below which will delete cookies.

C#
if (Request.Cookies["StudentCookies"] != null)
{
    Response.Cookies["StudentCookies"].Expires = DateTime.Now.AddDays(-1);
    Response.Redirect("Result.aspx");  //to refresh the page
}

Understanding HttpCookie Class It contains a collection of all cookie values.

We do not need to use any extra namespaces for HttpCookies class (we already have used this in Way 1 above), because this class is derived from System.Web namespaces. HttpCookies class lets us work with cookies without using Response and Request objects (we have already used this in Way 2 and Way 3 above).

image002.jpg

HttpCookie class has a list of some properties, let us outline them.

  • Domain: It contains the domain of the cookie.
  • Expires: It contains the expiration time of the cookie.
  • HasKeys: It contains True if the cookie has subkeys.
  • Name: It contains the name of the cookie.
  • Path: It contains the virtual path to submit with the cookie.
  • Secure: It contains True if the cookie is to be passed in a secure connection only.
  • Value: It contains the value of the cookie.
  • Values:

Limitations of Cookies

There are following limitations for cookies:

  1. Size of cookies is limited to 4096 bytes.
  2. Total 20 cookies can be used on a single website; if you exceed this browser will delete older cookies.
  3. End user can stop accepting cookies by browsers, so it is recommended to check the users’ state and prompt the user to enable cookies.

Sometimes, the end user disables the cookies on browser and sometimes browser has no such feature to accept cookies. In such cases, you need to check the users’ browser at the home page of website and display the appropriate message or redirect on appropriate page having such message to enable it first. The following code will check whether the users’ browser supports cookies or not. It will also detect if it is disabled too.

C#
protected void Page_Load(object sender, EventArgs e)
{
    if (Request.Browser.Cookies)
    {
        //supports the cookies
    }
    else
    {
        //not supports the cookies
        //redirect user on specific page
        //for this or show messages
    }
}

It is always recommended not to store sensitive information in cookies.

Download the sample code attached with this post to check it yourself.

So, that is all about the ASP.NET cookies. Please post your feedback.

License

This article, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)


Written By
Founder ITORIAN.COM
India India
Abhimanyu Kumar Vatsa (Abhimanyu Kumar Singh) is a Microsoft MVP and Mindcracker (C# Corner) MVP (2010, 2011) and having experience in building web scale applications using Microsoft Technologies including ASP.NET, MVC, C#/VB, jQuery, JavaScript, Silverlight, SQL Server and many more web stuffs. He is also handy in non-Microsoft Technologies like PHP, ColdFusion etc but he’s specility is always Microsoft. He love to work with Internet scale projects using Microsoft stuffs that has potential to change the every day use of technology. He love to blog and started it around June 2009 and because such blogging Microsoft awarded him MVP.

Comments and Discussions

 
GeneralMy vote of 5 Pin
WebMaster14-Feb-12 21:37
WebMaster14-Feb-12 21:37 
QuestionFile download is corrupt and won't open with winzip or explore. Pin
sma77714-Feb-12 5:29
sma77714-Feb-12 5:29 
GeneralMy vote of 5 Pin
Muthukrish5916-Jan-12 5:46
Muthukrish5916-Jan-12 5:46 
GeneralMy vote of 5 Pin
zerocool185-Nov-11 18:21
zerocool185-Nov-11 18:21 
GeneralMy vote of 5 Pin
irritaldo3-Oct-11 1:48
irritaldo3-Oct-11 1:48 
QuestionWay 1 and 2 for reading cookies Pin
BrianBissell1-Sep-11 9:50
BrianBissell1-Sep-11 9:50 
GeneralMy vote of 5 Pin
BrianBissell1-Sep-11 9:48
BrianBissell1-Sep-11 9:48 
GeneralMy vote of 4 Pin
SREENATH GANGA1-Sep-11 8:29
SREENATH GANGA1-Sep-11 8:29 
best for starters like me
QuestionThe link for the download didn't work Pin
Ger F.30-Aug-11 22:32
Ger F.30-Aug-11 22:32 
GeneralMy vote of 4 Pin
germ1330-Aug-11 19:13
germ1330-Aug-11 19:13 
QuestionReading Cookies through Response Pin
taloweb26-Aug-11 22:24
taloweb26-Aug-11 22:24 
GeneralCookie limitations Pin
DaveAuld26-Aug-11 1:23
professionalDaveAuld26-Aug-11 1:23 
GeneralRe: Cookie limitations Pin
Abhimanyu Kumar Vatsa26-Aug-11 4:33
Abhimanyu Kumar Vatsa26-Aug-11 4:33 

General General    News News    Suggestion Suggestion    Question Question    Bug Bug    Answer Answer    Joke Joke    Praise Praise    Rant Rant    Admin Admin   

Use Ctrl+Left/Right to switch messages, Ctrl+Up/Down to switch threads, Ctrl+Shift+Left/Right to switch pages.