interview

home / developersection / interviews / what is httpcookie class in c#?

Ask Question

What is HttpCookie Class in C#?

ICSM Computer 154 05-May-2025
c# c# 
Updated on 05-May-2025
ICSM Computer

IT-Hardware & Networking

Ravi Vishwakarma is a dedicated Software Developer with a passion for crafting efficient and innovative solutions. With a keen eye for detail and years of experience, he excels in developing robust software systems that meet client needs. His expertise spans across multiple programming languages and technologies, making him a valuable asset in any software development project.

Follow Message
Can you answer this question?
Answer

1 Answers

ICSM Computer

ICSM Computer

05-May-2025

The HttpCookie class in ASP.NET (System.Web) is used to create, read, and manage cookies — small pieces of data stored on the client’s browser. 

Cookies are commonly used for storing user preferences, authentication tokens, session identifiers, or any small data that needs to persist between requests.

Namespace and Assembly

using System.Web;

Difinition

public sealed class HttpCookie

This class represents an individual cookie — a name-value pair optionally with metadata like expiration date, path, domain, and security settings.

Constructors

HttpCookie(String, String) Creates, names, and assigns a value to a new cookie.
HttpCookie(String) Creates and names a new cookie.

Common Properties

Property Description
Name The name of the cookie (required)
Value The string value stored in the cookie
Expires Sets the expiration date (otherwise it's a session cookie)
Domain Specifies the domain the cookie is valid for
Path Specifies the path the cookie is valid for
Secure If true, the cookie is sent only over HTTPS
HttpOnly If true, JavaScript cannot access the cookie
Values A collection of key-value pairs inside the cookie

Creating and Sending a Cookie to the Browser

HttpCookie userCookie = new HttpCookie("UserSettings");
userCookie["Theme"] = "Dark";
userCookie["FontSize"] = "Medium";
userCookie.Expires = DateTime.Now.AddDays(7); // lasts 7 days
userCookie.HttpOnly = true;

Response.Cookies.Add(userCookie);

Reading a Cookie

HttpCookie cookie = Request.Cookies["UserSettings"];
if (cookie != null)
{
    string theme = cookie["Theme"];
    string fontSize = cookie["FontSize"];
}

This reads the cookie from the user's browser on the next request.

Deleting a Cookie

You "delete" a cookie by setting its expiration date in the past:

if (Request.Cookies["UserSettings"] != null)
{
    HttpCookie cookie = new HttpCookie("UserSettings");
    cookie.Expires = DateTime.Now.AddDays(-1); // expired
    Response.Cookies.Add(cookie);
}

Security Notes

  1. Set HttpOnly = true to prevent client-side JavaScript from accessing cookies.
  2. Use Secure = true for HTTPS-only cookies.
  3. Cookies can be intercepted if not encrypted — don’t store sensitive data unless encrypted.

Session vs Persistent Cookie

Type Behavior
Session cookie No Expires set — deleted when the browser closes
Persistent cookie Expires set — stored until expiration

Example Scenario: Remember User's Language Preference

// On first login
HttpCookie langCookie = new HttpCookie("PreferredLang", "en-US");
langCookie.Expires = DateTime.Now.AddMonths(1);
Response.Cookies.Add(langCookie);

// Later usage var lang = Request.Cookies["PreferredLang"]?.Value;

 

advertising
advertising

Liked By

We use cookies to ensure you have the best browsing experience on our website. By using our site, you acknowledge that you have read and understood our Cookie Policy & Privacy Policy