the information stored in the name-value pair of a cookie cannot contain any spaces. This poses something of a limitation because many applications will need to store complete phrases or strings containing spaces in cookies.
The solution to this lies in encoding the illegal characters in a cookie. Netscape suggests using an encoding scheme such as that used in URL strings.
However, any coding scheme will work. For instance, alternative characters such as % or + could be used for spaces and a similar approach could be taken for other illegal characters, such as semicolons.
Any script that is going to build cookies using white spaces and other illegal characters, or that is going to read similar cookies, will need to include methods for dealing with these characters.
|An easier recipe for cookies.|
It should be clear now that some type of standardized method for creating new cookies, reading existing cookies, and encoding cookies would make writing scripts much easier.
Just as he wrote the hIdaho Frameset, Bill Dortch has developed a set of freely available functions to perform all these tasks. The functions are available at
The source code should be included in the header of any document that includes scripts that work with cookies.
Although Dortch has done a good job of documenting each of the functions in the comments of the source code, we will run through them all in the next few sections.
The getCookieVal() function.
This function is an internal function called by GetCookie(). Given the index of the first character of the value of a name-value pair in a cookie, it returns the value as an unencoded string.
The function uses the unescape method to decode the value.
The GetCookie() function.
The getCookie() function is used to retrieve the value of a particular cookie. It takes the name of the cookie as an argument and returns the value. If the cookie doesn't exist, the function returns a null value.
The SetCookie() function.
This function can be used to create a new cookie or to update an existing cookie. The function requires two arguments and can take several optional arguments:
where expires, path, domain, and secure are optional parameters, and name and value are required. Name, value, path, and domain should be strings. expires should be passed as a Date object and secure should be a Boolean value.
The order of the arguments is important, so if you want to leave out a particular value in the middle of the order, you should pass the null value as a placeholder.
The DeleteCookie() function.
This function does just what the name suggests: deletes the cookies specified by a name argument. The cookie is deleted by updating it with an expiry date equal to the current date and time.