Drycodez Posted October 2, 2011 Share Posted October 2, 2011 If i set a cookie on a visitor's marchine(s), and there are also other cookies already present in that marchine, how will document.cookie know the one that was set by my site? Or is document.cookie just going to return all the cookies in that system? I just dont understand this cookies of a thing! Link to comment Share on other sites More sharing options...
Drycodez Posted October 2, 2011 Author Share Posted October 2, 2011 Does anyone have an idea concerning this Question? Link to comment Share on other sites More sharing options...
JamesB Posted October 2, 2011 Share Posted October 2, 2011 document.cookie returns a string of all the cookies which that page has access to.cookies are stored independently for each browser, if Firefox sets one, other browsers won't have access to it, only Firefox will.document.cookie will never return all cookies that are stored in a browser, that would be a huge security issue, and would mean a website could read a cookie which was set by another website! if you set a cookie using the minimal amount of parameters, that cookie will be accessible on the entire domain which set it.so if google.com sets a cookie, example.com won't have access to it, but google.com and code.google.com would. if you look at the parameters of php's setcookie(): http://php.net/manual/en/function.setcookie.phpit has several optional ones which can restrict "who" has access to the cookie, eg. a certain path including sub folders, a certain sub domain, only over HTTPS, or httponly (meaning js wouldn't have access to them).so if code.google.com sets a cookie with the domain parameter set to 'code.google.com', video.google.com wouldn't have access to it, but code.google.com would. when reading doucment.cookie, the browser won't include any cookies in the returned string in which the page calling document.cookie doesn't have access to, if it did, again this would be a security issue. now for the cookie's which a page does have access to, document.cookie will return 1 string with the cookies separated by a semi colon (and probably a space too).so say if you had 3 cookies set, "a" set to "test123", "b" set to "40", and "blah" set to "zz", doucment.cookie would return this string: "a=test123; b=40; blah=zz" which can be read like so: var Cookies = document.cookie.split('; ');var i, j = Cookies.length, Cookie, Key, Value;for (i=0; i<j; i++) { Cookie = Cookies[i]; // eg. 'b=40' Cookie = Cookie.split('='); // eg. ['b', '40'] Key = Cookie[0]; // eg. 'b' Value = Cookie[1]; // eg. '40'} this is why it's important that data is properly encoded before setting the cookie, eg. a semi colon in the value would mess everything up, so they must be encoded. setting a cookie in javascript is easier than reading it, you can do: document.cookie = "key=value" which won't override other cookies which the page has access to.when setting a cookie in js, document.cookie doesn't really act as a string, if it did then it would override other cookies. more info: http://www.quirksmode.org/js/cookies.html Link to comment Share on other sites More sharing options...
Drycodez Posted October 2, 2011 Author Share Posted October 2, 2011 iGot that! Thanks! Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.