homepage Welcome to WebmasterWorld Guest from
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member
Home / Forums Index / WebmasterWorld / Webmaster General
Forum Library, Charter, Moderators: phranque

Webmaster General Forum

Can cookies get too big in size/content?
Are there problems, is there a maximum size?

 1:58 am on May 10, 2005 (gmt 0)

I've got an ordering system that asks for a fair bit of info from the customer. At the start, I use cookies for the basic info, but after that they need to create an account so the rest can be stored in a database. My boss wants them to be able to go through the entire ordering process without having to sign up first, which means I'm going to have to store a fair amount of data in the cookies. This could be anything up to a lists of 1000s of names. Do you think I should use cookies for this, or work on some sort of temporary server-side database, which when they order then goes into the permanent database?



 5:56 am on May 10, 2005 (gmt 0)

Official maximum size for a HTTP cookie header is 4K. So the actual cookie will be slightly smaller. Some browsers will work with bigger cookies, others won't.

A short cookie as a unique transaction-id, and the data in a temporary part of the database sounds a better approach. You never know what havoc a hacker can do if they start editing cookies that contain meaningful data.

Just remenber to have a daily (?) task that deletes abandoned carts -- otherwise your server's hard drives will one day overflow.


 7:43 am on May 10, 2005 (gmt 0)

Thanks. I'll go down the database path for sure then, 4k isn't a much at all.


 1:43 pm on May 10, 2005 (gmt 0)

Thanks. I'll go down the database path for sure then, 4k isn't a much at all.

It's one hell of a lot for a cookie! If you're setting a cookie that is 4k in size, it'll add almost a second to the download time of every web page tat a modem user accesses on your site!

The database route is the right way to go about it. Set a unique id (preferably in hex) that relates to your database and set that as a cookie.

Global Options:
 top home search open messages active posts  

Home / Forums Index / WebmasterWorld / Webmaster General
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved