Ruby CGI Cookies


HTTP protocol is a stateless protocol. But for a commercial website, it is required to maintain session information among different pages. For example, one user registration ends after completing many pages. But how to maintain user's session information across all the web pages.

In many situations, using cookies is the most efficient method of remembering and tracking preferences, purchases, commissions, and other information required for better visitor experience or site statistics.

How It Works ?

Your server sends some data to the visitor's browser in the form of a cookie. The browser may accept the cookie. If it does, it is stored as a plain text record on the visitor's hard drive. Now, when the visitor arrives at another page on your site, the cookie is available for retrieval. Once retrieved, your server knows/remembers what was stored.

Cookies are a plain text data record of 5 variable-length fields:

  • Expires : The date the cookie will expire. If this is blank, the cookie will expire when the visitor quits the browser.

  • Domain : The domain name of your site.

  • Path : The path to the directory or web page that sets the cookie. This may be blank if you want to retrieve the cookie from any directory or page.

  • Secure : If this field contains the word "secure", then the cookie may only be retrieved with a secure server. If this field is blank, no such restriction exists.

  • Name=Value : Cookies are set and retrieved in the form of key and value pairs.

Handling Cookies in Ruby

You can create a named cookie object and store any textual information in it. To send it down to the browser, set a cookie header in the call to CGI.out.


require "cgi"
cgi ="html4")
cookie ='name' => 'mycookie',
                         'value' => 'Zara Ali',
                         'expires' => + 3600)
cgi.out('cookie' => cookie) do
   cgi.head + cgi.body { "Cookie stored" }

The next time the user comes back to this page, you can retrieve the cookie values set as shown below:


require "cgi"
cgi ="html4")
cookie = cgi.cookies['mycookie']
cgi.out('cookie' => cookie) do
   cgi.head + cgi.body { cookie[0] }

Cookies are represented using a separate object of class CGI::Cookie, containing the following accessors:

AttributeReturned Value
nameCookie name
valueAn array of cookie values
pathThe cookie's path
domainThe domain
expiresThe expiration time (as a Time object)
secureTrue if secure cookie