ns_cookie - HTTP cookies
Cookies are small pieces of data which the server sends to the user agent and the user agent sends back during subsequent requests. You can use this mechanism to save state between otherwise stateless HTTP requests.
Cookie size limits are user agent dependent. Practically, as cookies are sent with every request to the server (for which the optional domain and path match), size should be kept to a minimum.
These commands implement the original version 1 Netscape cookie protocol which is widely supported by user agents.
Send data to the user agent as a cookie, using name as the identifier. The user agent will send the cookie data back to the server during subsequent requests for which the domain and path match, if it has not expired. If the provided domain is empty, it is ignored.
A cookie is identified by a signature which is made up of its name, domain, path and secure flag. A cookie named foo with path /x/y is a different cookie than one named foo with path /x/y/z. During a request for the URL /x/y/z both cookies named foo are sent.
The data will be URL-encoded to escape special characters. ns_getcookie correctly reverses the encoding.
Get the cookie data identified by name. If no such cookie exists then default is returned. If default is not given and no such cookie exists, an error is raised. When the option ?-include_set_cookies? is set true, then this command will search as well in the cookies being currently set in the output headers.
By default, only the first cookie identified by name is returned. If two cookies with the same name are sent by the user agent, each with a different domain and/or path, which cookie data is returned depends on the user agent. When the option ?-all? is set, all cookies with the specified name are returned. This can be use to detect such situations with multiple cookies. The option ?-all? cannot be set together with the option ?-include_set_cookies?.
When using domain or path to restrict cookies, it is recommended to use a unique name for each restricted cookie.
Instruct the client to delete the cookie data identified by name. The complete cookie signature including domain and path must match for the cookie to be deleted. If the provided domain is empty, it is ignored.
Track all user agents which ever visited our site:
proc browser_tracking_filter {} { if {![ns_getcookie first_visit 0]} { ns_setcookie -expires -1 -- first_visit [clock seconds] } } ns_register_filter preauth GET /* browser_tracking_filter