In my previous post 8 steps to develop, setup and call c# cgi programs in IIS 7, we learned how to create a CGI program in C#, install it as a website and call it using GET and POST.
In this article, I am going to modify that C# program to include code to read and write cookies. We will create the cookies and also read the previously set cookie values. We will also learn how to use the cookies to maintain state across requests.
What are Cookies ?
Cookie is piece of text in the format of “Set-Cookie: cookiename1=value1;Expires=Expiration_Time; domain=domain_name\n” that can be sent from the CGI program to the requesting browser, in the HTML header. Since this text is sent in HTML header of the HTTP response, this will not be rendered on the browser. Instead the browser simply saves into the browser’s memory.
When the user requests any other CGI or HTML on the same server with domain domain_name, the browser simply sends the cookie back as long as the request was within the Expiration_Time limit. Since HTTP is a stateless protocol, cookies can be used to maintain state across requests to the same server from a given user/browser.
When ever you use Expires=Expiration_Time, you instruct the browser to save the cookie on the hard drive. They are called persistant cookies.
Sometime you want to set the cookie thru one subdomain sub1.domain.com and be able to access it when a request is made to a different sub domain sub2.domain.com. You can achieve this by simply setting domain=.domain.com
My C# CGI Program
I modified my original C# program and programmed it to use cookies. Notice that all text sent to the Console before “\n\n” is the HTTP header. Any text sent after “\n\n” is considered HTML and will be shown to the user.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 |
using System; using System.Collections.Generic; using System.Linq;using System.Text; namespace ConsoleApplication2 { class ConsoleApplication2 { [STAThread] // uses single threaded apartment model (STA) static void Main(string[] args) { string cookie = "Set-Cookie: MyCookie1=" + System.DateTime.Now.ToString() + ";\n"; cookie = "Set-Cookie: " + System.Environment.GetEnvironmentVariable("QUERY_STRING") + ";\n"; Console.Write(cookie); Console.Write("Content-Type: text/html\n"); Console.Write("\n"); Console.Write("<html><head><title>IIS7 CGI using C#</title></head><body><h1>CGI Cookie Demo</h1>"); Console.Write("<h2>Cookie Sent:</h2>" + cookie); Console.Write("<h2>Cookie Received:</h2>" + System.Environment.GetEnvironmentVariable("HTTP_COOKIE")); Console.Write("</body></html>"); } } } |
Life cycle of the CGI calls
Call #1
Let us call the CGI from the browser for the first time, using the URL: http://localhost:81/temp/ConsoleApplication2.exe?name=Tom.
As you can see in the above C# code,
we will get the QUERY_STRING from the environment variable, use that to create a new cookie and send it to the browse by simply using Console.Write(“Set-Cookie: cookiename=cookievalue;”)r. So the cookie name in our case is name and value will be Tom.
We are also reading if any cookies are sent from the browser to be received by the CGI. You will notice that since its the first request, there are no cookies received by the CGI.
The output from the CGI see at the client (browser) from the first call looks like:
Call #2
Now change the URL a little bit and call the CGI again using: http://localhost:81/temp/ConsoleApplication2.exe?Age=22
This is call#2 or the second call to the CGI. The HTTP protocol is stateless meaning when the call#1 was made, the entire CGI program was loaded and run by the IIS and whatever it wrote to the console was sent back. Then the CGI exited. Now when call#2 is made, the IIS will run the CGI again. IIS does not remember what was sent or received in call#1. The only way we can remember what was sent in call#1 is by looking at the cookie received in call#2. Since our program is simply setting a cookie with the QUERY_STRING name,value pairs, what ever was received in QUERY_STRING of call#1 was set as cookie in call#1. And in call#2, the received cookie will contain what was set in call#1.
Call #3
Change the URL a little bit and call the CGI again using: http://localhost:81/temp/ConsoleApplication2.exe. Notice that in this call there are no variables sent in the URL. But in the output you can see the two cookies received name=Tom; Age=22. This clearly shows that we are able to maintain the state between the HTTP calls to this CGI program by using HTTP cookies.