Cookies
In AllegroServe you can send a Set-Cookie header that tells the browser to save a cookie and send it along with subsequent requests by calling the function set-cookie-header
within the body of with-http-response
but before the call to with-http-body
. The first argument to the function is the request object, and the remaining arguments are keyword arguments used to set the various properties of the cookie. The only two you must pass are the :name
and :value
arguments, both of which should be strings. The other possible arguments that affect the cookie sent to the browser are :expires
, :path
, :domain
, and :secure
.
Of these, you need to worry only about :expires
. It controls how long the browser should save the cookie. If :expires
is **NIL**
(the default), the browser will save the cookie only until it exits. Other possible values are :never
, which means the cookie should be kept forever, or a universal time as returned by **GET-UNIVERSAL-TIME**
or **ENCODE-UNIVERSAL-TIME**
. An :expires
of zero tells the client to immediately discard an existing cookie.11
After you’ve set a cookie, you can use the function get-cookie-values
to get an alist containing one name/value pair for each cookie sent by the browser. From that alist, you can pick out individual cookie values using **ASSOC**
and **CDR**
.
The following function shows the names and values of all the cookies sent by the browser:
(defun show-cookies (request entity)
(with-http-response (request entity :content-type "text/html")
(with-http-body (request entity)
(with-html-output ((request-reply-stream request))
(html
(:standard-page
(:title "Cookies")
(if (null (get-cookie-values request))
(html (:p "No cookies."))
(html
(:table
(loop for (key . value) in (get-cookie-values request)
do (html (:tr (:td key) (:td value)))))))))))))
(publish :path "/show-cookies" :function 'show-cookies)
The first time you load the page http://localhost:2001/show-cookies
it should say “No cookies” as shown in Figure 26-7 since you haven’t set any yet.
Figure 26-7. http://localhost:2001/show-cookies
with no cookies
To set a cookie, you need another function, such as the following:
(defun set-cookie (request entity)
(with-http-response (request entity :content-type "text/html")
(set-cookie-header request :name "MyCookie" :value "A cookie value")
(with-http-body (request entity)
(with-html-output ((request-reply-stream request))
(html
(:standard-page
(:title "Set Cookie")
(:p "Cookie set.")
(:p (:a :href "/show-cookies" "Look at cookie jar."))))))))
(publish :path "/set-cookie" :function 'set-cookie)
If you enter the URL http://localhost:2001/set-cookie
, your browser should display a page like the one in Figure 26-8. Additionally, the server will send a Set-Cookie header with a cookie named “MyCookie” with “A cookie value” as its value. If you click the link Look at cookie jar, you’ll be taken to the /show-cookies
page where you’ll see the new cookie, as shown in Figure 26-9. Because you didn’t specify an :expires
argument, the browser will continue to send the cookie with each request until you quit the browser.
Figure 26-8. http://localhost:2001/set-cookie
Figure 26-9. http://localhost:2001/show-cookies
after setting a cookie