Servage Magazine

Information about YOUR hosting company – where we give you a clear picture of what we think and do!

Using browser cookies properly in web-projects

Tuesday, December 16th, 2014 by Servage

downloadAs your web projects grow larger and more complicated, you will find an increasing need to keep track of your users. Even if you aren’t offering logins and passwords, you will still often need to store details about a user’s current session and possibly also recognize users when they return to your site.

Several technologies support this kind of interaction, ranging from simple browser cookies to session handling and HTTP authentication. Between them, they offer the opportunity for you to configure your site to your users’ preferences and ensure a smooth and enjoyable transition through it.

Using Cookies in PHP

A cookie is an item of data that a web server saves to your computer’s hard disk via a web browser. It can contain almost any alphanumeric information (as long as it’s under 4 KB) and can be retrieved from your computer and returned to the server. Common uses include session tracking, maintaining data across multiple visits, holding shopping cart contents, storing login details, and more.

Because of their privacy implications, cookies can be read only from the issuing domain. In other words, if a cookie is issued, it can be retrieved only by a web server using that domain. This prevents other websites from gaining access to details they are not authorized to have.

Due to the way the Internet works, multiple elements on a web page can be embedded from multiple domains, each of which can issue its own cookies. These are referred to as third-party cookies. Most commonly, they are created by advertising companies in order to track users across multiple websites.

Most browsers allow users to turn off cookies for either the current server’s domain, third-party servers, or both. Fortunately, most people who disable cookies do so only for third-party websites.

Cookies are exchanged during the transfer of headers, before the actual HTML of a web page is sent, and it is impossible to send a cookie once any HTML has been transferred. Therefore, careful planning of cookie usage is important.


This exchange shows a browser receiving two pages

  1. The browser issues a request to retrieve the main page, index.html, at the website The first header specifies the file and the second header specifies the server.
  2. When the web server at receives this pair of headers, it returns some of its own. The second header defines the type of content to be sent (text/html) and the third one sends a cookie with the name “name” and the value “value”. Only then are the contents of the web page transferred.
  3. Once the browser has received the cookie, it will then return it with every future request made to the issuing server until the cookie expires or is deleted. So, when the browser requests the new page /news.html, it also returns the cookie name with the value “value”.
  4. Because the cookie has already been set when the server receives the request to send /news.html, it does not have to resend the cookie, but just returns the requested page.

Sources for further reading

Using browser cookies properly in web-projects, 4.3 out of 5 based on 3 ratings
Categories: Guides & Tutorials

Keywords: ,

You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

No comments yet (leave a comment)

You are welcome to initiate a conversation about this blog entry.

Leave a comment

You must be logged in to post a comment.