myCookie.Expires = DateTime.MinValue

[Mark]

It's my understanding that the code below will create a session cookie (RAM
based cookie) that does not persist to a file, but exists in memory on the
client's pc and will be deleted when the user's browser is closed. Correct
or incorrect? Are there any variations on how this code will behave
differently between different browsers?
HttpCookie myCookie = new HttpCookie("my key", "my value");
myCookie.Expires = DateTime.MinValue;
HttpContext.Current.Response.Cookies.Add(myCookie);

Thanks in advance.

Mark

 

[Scott M.]

It's my understanding that the code below will create a session cookie
(RAM based cookie) that does not persist to a file, but exists in memory
on the client's pc and will be deleted when the user's browser is closed.
Correct or incorrect?

Well, not quite. A session cookie is a cookie that does not have a date
indicated for its expiration. You are indicating an expiration date
(allbeit in the past), so you are creating a permenant cookie and expiring
it immediately. If you were to remove this line:

myCookie.Expires = DateTime.MinValue;

You'd have a session cookie.

Are there any variations on how this code will behave differently between
different browsers?

Not really because this code doesn't execute on a browser, it executes on
the server. The only place where you would have browser to browser
differences is with different browsers set to accept/reject cookies in the
first place.

 

[clintonG]

Any value greater than 1 will persist on he disk for the period related to
its Day, Month, Year property. If I recall the rules when we do not use the
Expires property we get a session cookie and using Expires with a value of 0
or less will not persist and in fact delete the cookie from disk. Go find
IECookieView or use Firefox to watch and test cookies.

<%= Clinton Gallagher
NET csgallagher AT metromilwaukee.com
URL http://clintongallagher.metromilwaukee.com/
MAP http://wikimapia.org/#y=43038073&x=-88043838&z=17&l=0&m=h

 

[Mark]

That makes sense conceptually - although walking through my code indicates
that the DateTime.MinValue is persisting ... somewhere. Would a session
based cookie be visible through IECookieView? My gut and experiments
indicate they are not.

Thanks again.

Mark

 

[Scott M.]

It depends on how many name/value pairs you have in the cookie itself.

If you had created 2 name/value pairs of data, such as:

user=Dave
id=22

And, you had set an expiration date (of any value equal to now or higher) on
either of them, then the cookie would be persisted on the client.

If you had set expirations on both of the name/value pairs and only expired
one of them, then the cookie file will still persist, but the expired data
will not be in it.

After a cookie is written to the client's hard drive, the ONLY way to remove
it (from code) is to expire all of the name/value pairs that may be in the
cookie.

As I indicated earlier, if you just want session cookies, don't bother
adding any expiration dates in the first place and the data will only
persist in the client's memory. The fact that you are setting an expiration
date (even though it is in the past) causes the cookie file to become a
persistent cookie, rather than a session cookie.