How to limit cookie for a particular domain in ASP.NET?

Sheonarayan
Posted by in ASP.NET category on for Advance level | Points: 250 | Views : 10398 red flag
Rating: 5 out of 5  
 1 vote(s)

In earlier articles, we learnt how to create, read, expire cookies and limit the scope of the cookies to a particular folder of the website . In this article we are going to learn how to limit cookie for a particular domain.

Introduction

A Cookie is a small amount of text that attached to the requet and response in between browser and the server. This small amount of text can be read by the application whenever user browse the it. Please note that cookie is not a good medium to store the confidential data as it is stored into the user browser.

Let's learn how to limit the scope of the cookie creation so that those cookie will be available only to a particular domain or sub domain.

ASPX PAGE

<asp:Button ID="btnCookieSet" runat="server" Text="Set Cookie" OnClick="SetCookie" />

<asp:Button ID="btnCookieGet" runat="server" Text="Get Cookie" OnClick="GetCookie" />

In the above snippet, we have two buttons. Clicking on first button executes SetCookie method and clicking on the second button executes GetCookie method.

CODE BEHIND

// how to test

// Access this page and set the cookie, then get the cookie value.

// Now try to access this page with other domain (in local machine, simply access this page with different localhost:port).

protected void SetCookie(object sender, EventArgs e)

{

// set the cookie

Response.Cookies["MyCookie"].Value = "My cookie for a domain";

Response.Cookies["MyCookie"].Domain = "localhost"; //"training.dotnetfunda.com";

}

 

protected void GetCookie(object sender, EventArgs e)

{

if (Request.Cookies["MyCookie"] != null)

{

string cookieValue = Request.Cookies["MyCookie"].Value;

Response.Write(cookieValue);

}

}

SetCookie method

This method creates a cookie for “localhost” (as I have developed this page on local machine so I have tested with localhost) domain by setting the domain property of the Cookie.

Note that in case we have created the cookie for main domain, that cookie works for all subdomains as well but if the cookie has been created for the sub-domain, it doesn’t work for the parent domain or other sub domain.

Eg.

If cookie domain has been set to “dotnetfunda.com”, that cookie will be available for “training.dotnetfunda.com”, “blog.dotnetfunda.com” and any other sub domains. But if the domain has been set to “training.dotnetfunda.com” at the time of cookie creation, that cookie will not be available on “dotnetfunda.com” or “blog.dotnetfunda.com”.

GetCookie method

This method checks for the cookie, if it is not null then prints its value on the page.

OUTPUT



In the above picture you can see that MyCookie has been created for domain "localhost".

In case you have missed earlier article series on Cookies in ASP.NET, click here.

Hope this article was useful. Subscribe for the RSS to get more articles. Thanks for reading, keep learning and sharing ....
Page copy protected against web site content infringement by Copyscape

About the Author

Sheonarayan
Full Name: Sheo Narayan
Member Level: HonoraryPlatinum
Member Status: Administrator
Member Since: 7/8/2008 6:32:14 PM
Country: India
Regards, Sheo Narayan http://www.dotnetfunda.com
http://www.snarayan.com
Ex-Microsoft MVP, Author, Writer, Mentor & architecting applications since year 2001. Connect me on http://www.facebook.com/sheo.narayan | https://twitter.com/sheonarayan | http://www.linkedin.com/in/sheonarayan

Login to vote for this post.

Comments or Responses

Login to post response

Comment using Facebook(Author doesn't get notification)