please dont rip this site
Platform SDK: IIS SDK
      [IIS 5.0] [IIS 5.1] [IIS 6.0]

Request.Cookies Collection

The Cookies collection enables you to retrieve the values of the cookies sent in an HTTP request.

Cookies should never be used to store secure data, such as passwords. Cookies are transmitted as clear text. If a malicious user taps an internet connection, then they can take cookie data to impersonate a client and gain access to their data. If you must transmit sensitive data, do so on a Secure Sockets Layer (SSL) connection. For more information on SSL, see "Secure Sockets Layer" in IIS Help, which is accessible from IIS Manager.

As a security precaution, always encode cookie data (or any request data) before using it. A general method of encoding data is to use Server.HTMLEncode. Another method is to write a short function that tests request data for invalid characters. More information can be found by reading chapter 12 of Writing Secure Code, and using Checklist: ASP Security when you create your ASP applications.


Request.Cookies( cookie)[( key)|. attribute]


Specifies the cookie whose value should be retrieved.
An optional parameter used to retrieve subkey values from cookie dictionaries.
Specifies information about the cookie itself. The attribute parameter can be the following.
Name Description
HasKeys Read-only. Specifies whether the cookie contains keys.


You can access the subkeys of a cookie dictionary by including a value for key. If a cookie dictionary is accessed without specifying key, all of the keys are returned as a single query string. For example, if MyCookie has two keys, First and Second, and you do not specify either of these keys in a call to Request.Cookies, the following string is returned.


If two cookies with the same name are sent by the client browser, Request.Cookies returns the one with the deeper path structure. For example, if two cookies had the same name but one had a path attribute of /Www/ and the other of /Www/Home/, the client browser would send both cookies to the /Www/Home/ directory, but Request.Cookies would only return the second cookie.

To determine whether a cookie is a cookie dictionary (whether the cookie has keys), use the following script.

<%=index.html Request.Cookies("myCookie").HasKeys %>

If MyCookie is a cookie dictionary, the preceding value evaluates to TRUE. Otherwise, it evaluates to FALSE.

You can iterate through all the cookies in the Cookie collection, or all the keys in a cookie. However, iterating through keys on a cookie that does not have keys will not produce any output. You can avoid this situation by first checking to see whether a cookie has keys by using the .HasKeys syntax, as shown in the following example:


    For Each strKey In Request.Cookies

      Response.Write strKey & " =index.html " & Request.Cookies(strKey) & "<BR>"

      If Request.Cookies(strKey).HasKeys Then

        For Each strSubKey In Request.Cookies(strKey)

          Response.Write "->" & strKey & "(" & strSubKey & ") = " & _

            Request.Cookies(strKey)(strSubKey) & "<BR>"


      End If




The following example prints the value of MyCookie on a Web page.

Here is the value of the cookie named MyCookie: 

<%=index.html Request.Cookies("myCookie") %> 

note Note  Cookies are described in detail in the HTTP state management specification, which is available on the World Wide Web Consortium Web site.

Applies To

Request Object

See Also


Platforms: Windows 2000 with IIS 5.0 installed, Windows XP with IIS 5.1 installed, Windows Server 2003 family with IIS 6.0 installed

Platform SDK Release: February 2003
What did you think of this topic?
Order a Platform SDK CD

file: /Techref/language/asp/OBJ/ref_vbom_reqoccookie.htm, 6KB, , updated: 2003/5/15 14:13, local time: 2024/6/21 12:31,

 ©2024 These pages are served without commercial sponsorship. (No popup ads, etc...).Bandwidth abuse increases hosting cost forcing sponsorship or shutdown. This server aggressively defends against automated copying for any reason including offline viewing, duplication, etc... Please respect this requirement and DO NOT RIP THIS SITE. Questions?
Please DO link to this page! Digg it! / MAKE!

<A HREF=""> Request.Cookies Collection</A>

After you find an appropriate page, you are invited to your to this massmind site! (posts will be visible only to you before review) Just type a nice message (short messages are blocked as spam) in the box and press the Post button. (HTML welcomed, but not the <A tag: Instead, use the link box to link to another page. A tutorial is available Members can login to post directly, become page editors, and be credited for their posts.

Link? Put it here: 
if you want a response, please enter your email address: 
Attn spammers: All posts are reviewed before being made visible to anyone other than the poster.
Did you find what you needed?

  PICList 2024 contributors:
o List host: MIT, Site host, Top posters @none found
- Page Editors: James Newton, David Cary, and YOU!
* Roman Black of Black Robotics donates from sales of Linistep stepper controller kits.
* Ashley Roll of Digital Nemesis donates from sales of RCL-1 RS232 to TTL converters.
* Monthly Subscribers: Gregg Rew. on-going support is MOST appreciated!
* Contributors: Richard Seriani, Sr.

Welcome to!