Cookies are useful tools for maintaining information about the users on your Web site. For example, when you create a shopping cart for an online e-commerce application, you can store your user's product selections in a cookie. The contents of the cookie can be viewed no matter on which page they end up. Cookies can also be useful for storing user preferences and authentication data.
The HTTP protocol and data persistenceWhy do cookies exist in the first place? Netscape developed the cookie mechanism to address a few shortcomings in the HyperText Transfer Protocol (HTTP) specifications. HTTP is stateless by nature, which means that the data contained on one page will not be stored when you navigate to the next page. For example, when you enter a URL in your browser, it will request the corresponding page from the Web server. Once the page has been served, all communications will cease until another request is made. Here is the inherent problem with HTTP: There's no built-in mechanism to persist data in between page requests. If you fill in a form online and forget to click the Submit button, everything you typed in will be lost. There is nowhere else for the data to go. Sessions states were developed as a way of tracking every unique user that visits your Web site. Sessions provide detailed user information for your server logs. They also allow you to programmatically monitor and control individual users on your Web site. Here is how sessions work: The server generates a unique ID for each user (called a session identifier). This identifier is usually placed in a cookie in the client browser. When your user accesses the Web site, the server will retrieve the cookie and then make note of the user's session identifier. Don't rely only on cookies
You shouldn't rely strictly on cookies for functionality. For example, what happens if your Web application is viewed through a wireless device that doesn't support cookies or is viewed through a pre-HTML 2.0 or text-based browser? Another possibility is that your audience may be using cookie-blocking technology to protect their privacy. To reach the widest audience possible, developers should take these scenarios into consideration when building any cookie-based Web application. To deal with a situation where cookies aren't available, you must build a custom session handler to transfer session information back and forth between the browser and Web server. This article outlines strategies that let you add data persistence to your applications without using cookies. Client-side solutions
Here are four solutions to simulate cookie-like functionality in your applications. We will look at using query strings, cookieless behavior in ASP.Net, hidden forms, and parent frames. Each approach has its unique applications and challenges.
