I would like to store some user settings in a cookie

Don't do that.

Sooner or later, someone will figure out how to decode the cookie contents and give themselves an enhanced status that you were probably not willing to concede.

Use the cookie as, well, a cookie. That is, a random string of bits that has no intrinsic meaning. When the client returns to your site, you read the cookie and go look up the settings that are keyed to that user in some table. Think of it as the 100 dollar note torn in half and shared between two spies. Alone, either half is worthless: it's only when you put them together that they mean anything.

A cardinal rule of web programming is to never trust the user. Don't put any semantic meaning into a cookie. Keep all that information on your server. You'll also keep your cookie size down. 256 bits encoded in Base-64 takes 11 bytes, and I doubt you'll hit a collision before the heat death of the universe.

• another intruder with the mooring in the heart of the Perl


In reply to Re: Compressing data structures for cookies by grinder
in thread Compressing data structures for cookies by gwg
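
An added example, not part of the post above or of any PerlMonks code: the opaque-token pattern the reply describes, sketched in Python next to the settings-in-the-cookie pattern it warns against. The in-memory `SESSIONS` dict (standing in for a database table), the function names and the sample settings are assumptions made for illustration.

```python
import base64
import json
import secrets

# Server-side table: opaque token -> settings (a dict stands in for a DB table).
SESSIONS = {}
DEFAULTS = {"theme": "light", "is_admin": False}


def issue_cookie(settings):
    """Create a random, meaningless token and file the settings under it."""
    token = secrets.token_urlsafe(32)  # 32 bytes (256 bits) from the OS CSPRNG
    SESSIONS[token] = dict(settings)
    return token


def load_settings(cookie_value):
    """Look up a returned cookie; anything the server did not issue gets defaults."""
    if not isinstance(cookie_value, str):
        return dict(DEFAULTS)
    return dict(SESSIONS.get(cookie_value, DEFAULTS))


def naive_cookie(settings):
    """The pattern being warned against: the settings travel inside the cookie."""
    return base64.urlsafe_b64encode(json.dumps(settings).encode()).decode()


def naive_load(cookie_value):
    """Trusts whatever the client sends back."""
    return json.loads(base64.urlsafe_b64decode(cookie_value))


def client_edit(cookie_value):
    """What any user can do to a decodable cookie: change a field, re-encode."""
    data = json.loads(base64.urlsafe_b64decode(cookie_value))
    data["is_admin"] = True
    return naive_cookie(data)


if __name__ == "__main__":
    user = {"theme": "dark", "is_admin": False}  # constructed sample settings
    print("naive, after client edit:", naive_load(client_edit(naive_cookie(user))))
    token = issue_cookie(user)
    print("opaque, genuine token:   ", load_settings(token))
    print("opaque, altered token:   ", load_settings(token[:-1] + "_"))
```

With the opaque token, editing the cookie only produces a key that is not in the table, so the server falls back to defaults instead of honouring client-supplied values.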
