Saturday 31 August 2013

Cookies in ASP.net


COOKIES:

 
              Using ViewState and some other concepts like QueryString, Server.Transfer we get state in a single page (or) state in 2 pages.

If we want to maintain state for multiple pages of the website we have to use other concepts provided by ASP.net and also by HTTP. HTTP provides a concept called COOKIES which are supported by all web development coding, using COOKIES we maintain state for small amount of information.

HTTP Cookies:


                  A Cookie is _name, value pair just like a variable but which travel automatically between every request and response. Cookies are maintained by browser and we have to understand how they are maintained and consume them in our Application.

COOKIES are maintained by Browser a standard limitations are imposed by W3 and Browser. Every Cookie is created by Browser based on the Domain or based on the specific path given by Cookie.

20 COOKIEs per domain are allowed, and upto 4KB of data is restricted. These are W3 standards and Browsers like IE7 and above have higher limits than these.

COOKIES can store only simple form of data like strings. A complex type cann't be directly stored in a Cookie.

Browser can allow (or) deny cookies for security, personalization and other reasons. In IE "@" we can configure this restriction in security & privacy options.

How to create COOKIE in ASP.net….?


System.web.HTTPCookie is the class using which we can create, cookie in ASP.net classical method or aother method of creating cookie is using

Ex: Response.Cookies[""].Value="10";

Prefered is using HTTPCookie class because it is type safe method.

Ex: Change.aspx:

1) In a form drag & drop a ListBox and Button controls.
2) In ListBox add a Country names in static manner.
3) On Button click event write a below code.
 
protected void btn_click(object sender,EventArgs e)
    {
                HTTPCookie obj=new HTTPCookie("Ckctry");
                Obj.Value=ListBox1.SelectedValue;
                Response.Cookies.Add(obj);
                Response.Redirect("Default.aspx");
    }
              

Default.aspx:

1) In a form drag & drop label and Link Button controls.
2) On load event write a below lines of code.

protected void Page_Load(object sender,EventArgs e)
    {
                if(Request.Cookies["Ckctry"]!=null)
                Label1.Text=Request.Cookies["Ckctry"].Value;
                else
                Label1.Text="INDIA";
    }
              
3) On button click event write the below lines of code.
protected void lnkbtn_Click(object sender,EventArgs e)
    {
                Response.Redirect("Change.aspx");
    }
              

How to search COOKIE in system..?


Goto Browser --> Tools --> internet options --> settings --> View files

MultiValued COOKIEs:

 
                  A multivalued cookie means like an array of COOKIE where we can store multiple values in a single Cookie. The advantage of multi valued cookie is we can create more values in the form of cookie and also save space in saving disk storage of 4 KB. To create multi valued cookie ASP.net provides values collections.

How to create multiple cookies..?

            HTTPCookie obj=new HTTPCookie("UserDetails");
            Obj.Values["name"]="naveen";
            Obj.Values["mail"]="mailid";
            Obj.Values["num"]="1234"; How to Read multiple Cookies….?

Request.Cookies["UserDetails"]["name"];
(or)
HTTPCookie ck=Request.Cookies["UserDetails"];

Limitations of COOKIEs…?

1) Size limitation ( 4 kb)
2) Type of data limitations ( string)
3) No.of cookies ( 20 cookies / domain)
4) Not secured
  •  Client side - dependent on Browser
  •  Travel in plain Textual format. (HTTP Headers)
  •  Remote site – Access client Resources.

How to make COOKIES secured….?


By default cookies are not secured to make it secure we have to follow 2 things.

1) Encrypt values using some encryption algorithms supported by .net (or) which are provided by third party for .net( RS Algorithem), and store them as part of cookie.

2) Use secure property of cookie and communicate using HTTPS. For this server should be enabled (or) installed with SSL certificates. HTTPS communication mode means entire page data will be encrypted and used in Request / Response.

Note:

Browser --> tools --> Advanced --> Browser --> Use SSL3.0

For multiple page state only but with all functionality which is missing in cookies and also with more required features we have to use server side state management options.

Ex: ASP.net, DataBase, Services, Cloud.

No comments:

Post a Comment