cookie in asp.net

cookie in asp.net

it is a small amount of data that is stored either in a text file on the client file system or in memory in the client browser session.

It contains site-specific information that the server sends to the client along with page output. you can use cookies to store information about a particular client, session, or application.

The cookies are saved on the client device, and when the browser request a page,the client sends the information in the cookies along with the request information. The server can read the cookies and extract its value. A typical use is to store a token (perhaps encrypted) indicating that the user already been authenticated in your application.

Create a Cookie Response.cookies.Add(new HttpCookie(“UserName”));

To Store value in a cookie Response.Cookies[“UserName “].Value=”Admin”;

To read values from a cookie string Uname= Request.cookies[“UserName”].Value; Response.Write(UName);

Advantages of using cookies are:
Configurable expiration rules: The cookie can expire when the browser session ends, or it can exist indefinitely on the client computer, subject to the expiration rules on the client.
No server resources are required: The cookie is stored on the client and read by the server after a post.
Simplicity: The cookie is a lightweight, text-based structure with simple key-value pairs.
Data persistence: Although the durability of the cookie on a client computer is subject to cookie expiration processes on the client and user intervention, cookies are generally the most durable form of data persistence on the client.

Disadvantages of using cookies are:
Size limitations:

Most browsers place a 4096-bytes (4KB) limit on the size of a cookie, although support for 8192-byte cookies is becoming more common in newer browser and client-device versions.

Browsers also impose limitations on how many cookies your site can store on the user’s computer.

Most browsers allow only 20 cookies per site; if you try to store more, the oldest cookies are discarded.

Some browsers also put an absolute limit, usually 300, on the number of cookies they will accept from all sites combined.
User-configured refusal: Some users disable their browser or client device’s ability to receive cookies, thereby limiting this functionality.
Potential security risks:

Cookies are subject to tampering.

Users can manipulate cookies on their computer, which can potentially cause a security risk or cause the application that is dependent on the cookie to fail.

Also, although cookies are only accessible by the domain that sent them to the client, hackers have historically found ways to access cookies from other domains on a user’s computer.

You can manually encrypt and decry-pt cookies, but it requires extra coding and can affect application performance because of the time that is required for encryption and decryption.

Types of Cookies in asp.net

Non persistent cookies(Temporary cookies)( In memory cookie) :- Non persistence cookies are not permanently stored on the user client hard disk folder.
It maintains user information as long as the user accesses the same browser.
When user closes the browser the cookie will be discarded.
Persistence Cookie: Cookies which you can set an expiry date time are called persistence cookies.
Persistence cookies are permanently stored till the time you set.
It is saved as a text file system of the client computer.