I wrote a simple script to set some cookies, and found some cute numbers on the maximum cookies to be set per domain name per path. The cookies are in the form of <key>=<val>, e.g. 1=1, 2=1, 3=1, 4=1. The length of the cookie name matters, as I found out.
Internet Explorer 7 – 20 cookies, maximum of 244 Set-Cookies per page.
Firefox 3 – 50 cookies.
Safari 3 – 1161 cookies, no limit of Set-cookies per page. See analysis below.
Opera 9 – 30 cookies.
Chrome 0.4 – 59~70 cookies, I have no idea why it is varying.
Tencent Traveller 2 – 20 cookies, follows the behaviour of Internet Explorer 7.
Except Safari 3, all browsers have a limit on the number of cookies to be set. I guess Safari is using a link list for that. For most browsers, although the HTTP Response code is 200, they will report the page as cannot be displayed. However, for Safari, since it has no limit, when the cookie headers are too long ( > 7619 ), Apache replies with a 400 Bad Request.
Haven’t think of any interesting tests yet, but feel free to discuss if there is anything we can do about them. By the way, I remember hotmail sets a whole lot of cookies, like BrowserSense and BS are just duplicates obviously (legacy code, yeehh!), I wonder are they hitting the limits soon? =)
So much for debugging last time. Let’s get back to the web. =P
Tencent Traveller – http://www.skycn.com/soft/14500.html
RFC2109 – http://www.faqs.org/rfcs/rfc2109.html
RFC2965 – http://www.faqs.org/rfcs/rfc2965.html