tags:

views:

184

answers:

2
+1  Q: 

How to tell browser do not send COOKIE for certain folders, files or request?

I'm running PHP5 and Apache with mod_rewrite enabled.

As we know on every page load browser sends cookie data to requested files. This data could be useful for PHP files, however for images or css files it has no value and simply make communication between browser and server slower.

Is there any ways to tell browser or server to stop doing so for certain file types or directories?

+4  A: 

Two ways:

  1. Restrict the path of the cookie to only the part of your site containing php scripts that need the cookies, or
  2. Serve images and css from a different domain, where the cookies won't get sent.
dmazzoni  2009-12-31 06:06:48
In my application there is only one php file in public html folder which is index.php in same directory there is assets and media folder.In this scenario defining cookie path would not make any difference and creating new domain or sub domain is not always possible.
Nazariy  2009-12-31 06:20:37
Sorry, path and domain are the only way (aside from port and security, which usually aren't of much use). Why not redirect index.php to /home/index.php or /a/index.php or something like that? Then cookies can only go to that subpath.
dmazzoni  2009-12-31 16:04:25
+1  A: 

I looked up the cookie specification.

When it sends a request to an origin server, the user agent includes a Cookie request header if it has stored cookies that are applicable to the request.

The only conditions that it describes are domain, path, port, and security (https). If you can't restructure your application to avoid this, you're going to get the extraneous cookies, and there's probably nothing you can do about it (short of replacing all the browsers on the Internet, or just not sending cookies to begin with). I'd consider putting a redirect at / to point it to a subdirectory, but that's probably just as much overhead as you're hoping to save, and has semantic implications.

Have you benchmarked it? How big a deal is it exactly? How big of cookies are you sending? Are there other optimizations you could be doing to improve your user experience instead?

Cookie syntax, for reference:

   set-cookie      =       "Set-Cookie2:" cookies
   cookies         =       1#cookie
   cookie          =       NAME "=" VALUE *(";" set-cookie-av)
   NAME            =       attr
   VALUE           =       value
   set-cookie-av   =       "Comment" "=" value
                   |       "CommentURL" "=" <"> http_URL <">
                   |       "Discard"
                   |       "Domain" "=" value
                   |       "Max-Age" "=" value
                   |       "Path" "=" value
                   |       "Port" [ "=" <"> portlist <"> ]
                   |       "Secure"
                   |       "Version" "=" 1*DIGIT
   portlist        =       1#portnum
   portnum         =       1*DIGIT
fennec  2009-12-31 06:35:28

related questions

Make Browser Window Blink in Task Bar
Large File Download
Browser's Default CSS
Disable browser 'Save Password' functionality
What's the simplest way to decremement a date in Javascript by 1 day?
Browser scrollbar
Limitations of screen readers.
Version detection with Silverlight
Best way to fix CSS/JS drop-down problem in IE7 when page includes Google Map
Recommendations for browser add-on tools to help with development
Hyperlinks displaced on IE7
Building Standalone Applications in JavaScript
HTML differences between browsers
Browser Sync accross many machines
Getting selected text in a browser, cross-platform.
How to get PNG transparency working in browsers that don't natively support it?
Best WYSIWYG CSS editor?
Javascript events
Preferred way to use favicons?
IE6: To support or not to support.
Getting the text from a drop-down box
Other browsers
Drag and Drop to a hosted Browser control
How can I tell if a web client is blocking ads?
How can I determine a web user's time zone?