I was wondering if there is a way to set multiple expire options for one cookie. For example, I want a cookie to expire when the user closes their browser and in 30 minutes.
Is this possible?
YAHOO.util.Cookie.setSubs("cookiename", cookieData, { expires: 0, expires: time() - 1800, path: "/", domain: "cbc.ca" });
From the RFC:
If an attribute appears more than once in a
cookie, the behavior is undefined.
There's no way to set up a cookie to expire like that; at least, there's no cross-browser way to do it. (Also, as far as I know the appropriate attribute is "Max-Age", not "expires"; maybe that name is part of the YUI api however.)
Expiring a session after a period of time is generally something that secure server-side code does on its own, and explicitly. (In other words, the session cookie is explicitly rejected as invalid if its timestamp indicates excessive age.)
You can have the cookie set the onload event, but you can not have two expire times. You can get the time the page unloads and then set the cookie for +30 minutes. But you Cant have the cookie set when the browser closes, you would need a plugin to do that, but when the page closes you can.
Related
I don't remember password of the email account in my office (so my superior do). I said him 'no problemo' and saved the cookie, to open the same account at home, but now the browser seem to disagree with me when I try to equal document.cookie with the cookie I saved as a string. It set the cookie default every time.
What me to do to open that account?
Cookies are valid only for a session, not for the lifetime of the account. If your account auto-logs out after say 20 minutes, the cookie is meaningless after that. Cookies are so that you don't have to relogin for every single request within that time span.
Mobile browser(chrome, safari) not killing cookies with expire time set to '0', Same cookie persists when browser is reopened...
Cookies must be deleted with the same parameters as they were set with. If the value argument is an empty string, or FALSE, and all other arguments match a previous call to setcookie, then the cookie with the specified name will be deleted from the remote client. This is internally achieved by setting value to 'deleted' and expiration time to one year in past.
From the official manual: http://php.net/manual/en/function.setcookie.php
I successfully set a cookie with javascript on one page like this:
..
I went to this article and took the code from it:
UPDATE :
**http://techpatterns.com/downloads/javascript_cookies.php**
The code works.. but I can set and read my cookie from one page only, when I go to the document root , the cookie isnt available there anymore..
I set my cookie when i am in a subfolder of my directory
I am also trying to set it this way:
document.cookie =
"landing_page_ref=" + encodeURIComponent("FBLND1") +
"; path=/; " ;
but i dont know where i am wrong
Session cookies (which are deleted when the browser is closed) are created by not specifying an explicit expiration time.
function setSessionCookie(c_name,value,exdays) {
document.cookie=c_name + "=" + escape(value);
}
That said, I'd use a robust cookie library to handle cookies rather than trying to roll-my-own.
There's no way to set a cookie to expire based on closing the browser and have an expiration time. That functionality is determined by the user's browser. If they have it set up to clear their cookies upon closing, then it will delete your cookie regardless of expiration time.
Your best bet would be setting the cookie to a relatively short lifetime (say 30 minutes or so) and refreshing that cookie on each page view. That would allow you to expire the cookie after 30 minutes of inactivity on your site. It's not quite the same thing, but as there's no way to enforce what you're looking for, it's a close second.
There are two type of cookies. persistent and session. Use session cookie for it. These cookies expire whenever you close your browser. To convert a persistent cookie to a session cookie just skip expire time.
I'm having trouble with cookies. I have a bunch of links that when clicked on, create a cookie. For each link I need to be able to save that cookie value to the main cookie name.
Here is the click function I'm using to create the cookie:
$j('a.createCookie').click(function(e) {
var cookieName = "InsightsCookie";
var cookieValue = $j(this).attr("id");
$j.cookie(cookieName, cookieValue, {expires: 365, path: '/'});
});
The end result would be "InsightsCookie: cookieValue, cookieValue, cookieValue" - where each link clicked on would add a value to InsightsCookie.
Any help would be much appreciated.
Cookies aren't intended to store structured data.
Typically the cookie has some kind of key value (a random integer, or alphanumerical value, for example) that is unique to that person. The web site uses that cookie to know who is visiting, and then keeps track of all the times/places the person with that cookie goes in some kind of database, thereby building a history.
So, basically, it's typically the web site's job to keep track of that, not the cookie on the user's machine.
If that's not an option for you for some reason, you could simply get the value that's already in the cookie, and then append the new value to it with each visit. If that user visits a lot of pages on your site, the cookie might get too big very quickly. There are restrictions on the maximum size of a cookie, and that's kind of a janky way to do it.
I'm looking to warn the user when his or her session times out (I'm having weird timeout problems) and I found the following code:
<%
advanceWarning = 2
jsTimeout = (session.timeout - advanceWarning) * 60000
%>
<script>
window.setTimeout("alert('Session is about to expire');",<%=jsTimeout%>);
</script>
Is this reliable?
Well, it will catch the case where the session times out on the server, assuming no other requests used session in the mean time, and the cookie doesn't expire.
So if you call a web service method or something that uses session, the session time out will be reset and you will have to catch that separately. And if your session cookie expiry (assuming you're doing it that way) is less than your timeout, then session may be lost then too.
In classic ASP, the Session is managed using cookies. You can see more documentation on that here: http://w3schools.com/asp/asp_ref_session.asp. I used to use that site a lot back in the day. If you want more control over the user's session state, you can access the cookies directly (via Request.Cookies and Response.Cookies). http://w3schools.com/asp/asp_ref_response.asp. This may be a better solution in some situations, depending on how much content you are trying to store and how long you want it to persist. If you don't want the session to be refreshed as a 'sliding window', you can always set a timestamp variable in either the session or the cookies collections and gain more control over the timeout that way. One advantage to using the cookies directly is that you can access cookies directly with javascript and can avoid the spaghetti code situation. As I don't know your end goal, I can't say for sure if this will be helpful to you, but the javascript window.setInterval creates a recurring function call and could be used to do asynchronous callbacks to monitor the session state. However, if all you want to do is throw a warning alert(), that is probably overkill and the existing code will work fine.
The above code will not work if there are multiple windows open as you are setting the expiry time from the server and that is valid only for the instant that the request is serviced. This will result in different windows showing the alert at different times. Checking the cookie expiry with some JavaScript periodically is a much better idea.