Are there any limitations on the size of the cookie? Also, is this browser dependent?
+2
A:
4kb = 4096 bytes
If I recall correctly, independent of browser. See Can cookies get too big.
Josh K
2010-06-24 03:56:03
+5
A:
The "official" maximum size is 4KB, but I would prefer to keep it well under that: no more than a few hundred bytes, tops.
The reason is that cookies are transmitted from the client to the server with every single request - even when requesting images, css and js files (if they reside on the same host something you should avoid in general, but for small sites may not be worth the bother). That means that you'll be requiring the client to transmit 4KB for every request - remembering also that most consumer broadband has much slower upload speed than download speed.
Dean Harding
2010-06-24 04:02:58
+1 | Great explanation plus mentioning the upload speed issue. I don't think I've ever even come across someone who's upload speed was close to or more than their download speed. My upload speed is almost half my download speed.
animuson
2010-06-24 04:07:05
+1
A:
Importantly the official cookie spec RFC 2965 states the minimums browser should adhere to:
5.3 Implementation Limits Practical user agent implementations have limits on the number and size of cookies that they can store. In general, user agents' cookie support should have no fixed limits. They should strive to store as many frequently-used cookies as possible. Furthermore, general-use user agents SHOULD provide each of the following minimum capabilities individually, although not necessarily simultaneously:
- at least 300 cookies
- at least 4096 bytes per cookie (as measured by the characters that comprise the cookie non-terminal in the syntax description of the Set-Cookie2 header, and as received in the Set-Cookie2 header)
- at least 20 cookies per unique host or domain name
User agents created for specific purposes or for limited-capacity devices SHOULD provide at least 20 cookies of 4096 bytes, to ensure that the user can interact with a session-based origin server.
The information in a Set-Cookie2 response header MUST be retained in its entirety. If for some reason there is inadequate space to store the cookie, it MUST be discarded, not truncated. Applications should use as few and as small cookies as possible, and they should cope gracefully with the loss of a cookie.
Read more: http://www.faqs.org/rfcs/rfc2965.html#ixzz0rjy5CJQa
Microsoft saves cookies into the "Temporary Internet Files" folder, a system folder that you can set the maximum size of (the default is 2% of your hard drive).
In any event, remember that most cookie files are 4KB or smaller, so you would need about a million cookies to fill up a 4GB drive. This is incredibly unlikely.
You'll see the 4kb limit reference around the internet along with other useful stats.
John K
2010-06-24 04:14:57
Then Firefox correctly implemented the specs but at the bare minimum suggestion. Unfortunate for us with longer cookies.
John K
2010-06-24 17:54:25