homepage Welcome to WebmasterWorld Guest from 50.17.107.233
register, free tools, login, search, subscribe, help, library, announcements, recent posts, open posts,
Pubcon Website
Home / Forums Index / WebmasterWorld / Webmaster General
Forum Library, Charter, Moderators: phranque & physics

Webmaster General Forum

    
Can cookies get too big in size/content?
Are there problems, is there a maximum size?
TheDave




msg:335282
 1:58 am on May 10, 2005 (gmt 0)

I've got an ordering system that asks for a fair bit of info from the customer. At the start, I use cookies for the basic info, but after that they need to create an account so the rest can be stored in a database. My boss wants them to be able to go through the entire ordering process without having to sign up first, which means I'm going to have to store a fair amount of data in the cookies. This could be anything up to a lists of 1000s of names. Do you think I should use cookies for this, or work on some sort of temporary server-side database, which when they order then goes into the permanent database?

 

victor




msg:335283
 5:56 am on May 10, 2005 (gmt 0)

Official maximum size for a HTTP cookie header is 4K. So the actual cookie will be slightly smaller. Some browsers will work with bigger cookies, others won't.

A short cookie as a unique transaction-id, and the data in a temporary part of the database sounds a better approach. You never know what havoc a hacker can do if they start editing cookies that contain meaningful data.

Just remenber to have a daily (?) task that deletes abandoned carts -- otherwise your server's hard drives will one day overflow.

TheDave




msg:335284
 7:43 am on May 10, 2005 (gmt 0)

Thanks. I'll go down the database path for sure then, 4k isn't a much at all.

mrMister




msg:335285
 1:43 pm on May 10, 2005 (gmt 0)

Thanks. I'll go down the database path for sure then, 4k isn't a much at all.

It's one hell of a lot for a cookie! If you're setting a cookie that is 4k in size, it'll add almost a second to the download time of every web page tat a modem user accesses on your site!

The database route is the right way to go about it. Set a unique id (preferably in hex) that relates to your database and set that as a cookie.

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / WebmasterWorld / Webmaster General
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About
© Webmaster World 1996-2014 all rights reserved