Discuss this help topic in SecureBlackbox Forum

Work with cookies

Cookies are blocks of information, that are originally sent by the server and kept on the client. Cookies are used to keep the session state, authentication information etc..

Cookies have a form of "Name=Value".

There are several ways to work with cookies in TElHTTPSClient class.

Cookie Manager

The simplest way is to use TElCookieManager class. Assign an instance of TElCookieManager to TElHTTPSClient.CookieManager property to get automatic cookie management. TElCookieManager automatically collects and passes cookies. Also it can save and load cookies in XML format.

Fine-grain control over cookies

You can use RequestCookies and ResponseCookies properties. RequestCookies contains the list of cookies to be sent to the server (see the cookie format below). ResponseCookies contains the list of cookies received from the server.

Cookie format

Fine-grain control over cookies lets you manage cookies in a flexible way, however you must be aware of several incompatible formats, in which cookies are sent by various servers. These formats are defined in RFC 2109, RFC 2965 and finally RFC 6265.

Each cookie is sent by the server in the following format:
NAME=VALUE; expires=DATE; path=PATH; domain=DOMAIN_NAME; secure
There can be multiple cookies sent in one server response.

The application must parse the cookies and store NAME=VALUE pairs separately as it will need them when sending the consequent requests to http://DOMAIN_NAME/PATH* The application must take care about cookie expiration date. If the date is not specified, the cookie expires with the user session (when the client application is closed).

When sending cookies, each NAME=VALUE pair must be put as a separate line of text to RequestCookies property. If you use RequestParameters.Cookie property, you need to put all cookies into one line of text as follows:

How To articles about client-side HTTPS questions

Discuss this help topic in SecureBlackbox Forum