Brief description  about Online courses   join in Online courses
View Arun Kumar Das 's Profile



Web applications are typically a series of Hypertext Transfer Protocol (HTTP) requests and responses. As HTTP is a stateless protocol, information is not automatically saved between HTTP requests. Web applications use cookies to store state information on the client.

Cookies can be used to store information about the user, the user's shopping cart, and so on.

Types of Cookies

The two types of cookies follow:

Session cookies – Session cookies are stored in memory and are accessible as long as the user is using the web application. Session cookies are lost when the user exits the web application. Such cookies are identified by a session ID and are most commonly used to store details of a shopping cart.

Permanent cookies – Permanent cookies are used to store long-term information such as user preferences and user identification information. Permanent cookies are stored in persistent storage and are not lost when the user exits the application. Permanent cookies are lost when they expire.

Cookiesis a Statefull techniques to remember the state of the client.
Cookie is a piece of info set by the server on the client using http.

We can use response.setCookie() to set a cookie on a browser, to get the cookies we can use request.getCookie()

Steps to set cookie:

• Create a cookie object cookie c1 = new cookie(name, value);
• Add the cookie response.addCookie(name);

Cookies are mainly used to serve personalized content according to user requirement.


• If used heavily this generate more N/W traffic
• There are some limitations in some browsers in maximum no of cookies per domain.

It is not advisable to store sensitive info using cookie.

When we execute response.addCookie(), it adds set-cookie header to the response.Browser sends back the cookie as part of request header as, cookies name1=value1&name2=value2

Most of the browsers provide an option of allowing or denying the cookies.
Most of web application developers display a message saying that their web application works properly if the cookies are allowed.
The cookie class provides the methods setMaxAge, setDomain, setPath …

In most of he cases we may not use these methods.

1. simple
2. don`t need to send data back to us, browser can participate in this task.

1. size and number of cookies stored are limited.
2. it stored as plain-text in a specific directory, everyone can view and modify them. Personal information is exposed.
3. it won`t work if the security level set too high in browser.
Asked by Arun Kumar Das | Feb 3, 2015 |  Reply now
Replies (0)