cURL / Mailing Lists / curl-library / Single Mail

curl-library

Re: Cookies

From: Cris Bailiff <c.bailiff+curl_at_awayweb.com>
Date: Tue, 02 Apr 2002 09:54:17 +1000

Not a very curl-related question but:

A "session cookie" is just a cookies where the server didn't set an expiry date.

The browser keeps the cookie in memory, and it is 'deleted' when the browser
closes, just like any other application data.

If the cookie has an expiry date it is, instead, written to disk, so that it will
'persist' between different browser sessions, no matter what the actual expiry
date. If you set (say) a client id cookie with an expiry of 5 minutes, it will be
written to disk, even if the browser is open for hours.

Note that this behaviour is entirely controlled by the browser - there's no
'timeout', and the browser never tells the server what it did with the cookies
(other than by sending or not sending them with any future request).

curl behaviour is not quite the same as that of a standard browser, though - if
curl didn't output "session cookies" you'd probably never see them, because curl
is usually made to start and quit between each request.

Cris

"Thomas P. Harty" wrote:
>
> How do Session cookies work? I know that the server (IIS or whatever)
> sends the client a cookie, which would contain an Id or whatever. But
> IIS allows you to specify what happens when the client levaes (i.e.
> quits their browser). How does it know when you quit your browser? Is it
> timeout based? Or does the browser send the server some data saying its
> leaving??
Received on 2002-04-02