Name
Cookie
Synopsis
This class represents an HTTP cookie, as standardized by RFC 2965
(ftp://ftp.isi.edu/in-notes/rfc2965.txt).
A cookie
represents a simple name-value pair that is sent back by the HTTP
User-Agent on each subsequent request to the URL host that set the cookie.
The rules governing the visibility, scope, and lifetime of cookies is
well documented in
the RFC; see that document for details.
The Cookie has properties
defined on it corresponding to the settable values in the RFC—principally,
the Value property sets the value of the cookie,
and the Name property sets the name by which the cookie’s
value can be retrieved.
As a User-Agent, adding a Cookie to an HttpWebRequest
is as simple as adding the Cookie instance to the
HttpWebRequest.CookieContainer property.
When you receive a response from an HTTP server, it may contain
one or more cookies. Use the HttpWebResponse.Cookies
collection to obtain the cookies that the HTTP server sent you.
Note that, as a User-Agent (the client), it is the C# programmer’s responsibility for maintaining all the semantics of the RFC—that is, the cookie must only be sent back to the host that set it, the cookie can only be sent back if it obeys the “path” prefix set on the cookie, and so forth. Failure to do so could potentially result in different hosts viewing cookies that they didn’t set, which is a potential security hole (albeit only if a host puts sensitive material into the cookie in the first place). None of this is implemented ...