OUI

9.3 Are Cookies supported in the WAP environment?

Normal HTTP Cookies ARE to some extent supported in the WAP environment. It doesn't matter what you've heard before. Cookie support is getting better. In fact Openwave's UP.Link gateway has had support for this for some time.

The script is also available in the demos section at DEMO.

The first time you view the card, the counter should read 0 (zero). All caching has been turned off, and to support even the poorest of the WML browsers, the card forces a reload of itself by adding a random variable to the URL. (I do not recommend this method of forcing a reload). When you click on the Increase Counter link, the deck will reload, and the card should reappear with the counter increased to 1 (one) and so on.

The Cookie name in the script is called TestCookie, and it has a very long life span, so if you return to the script several days later, the counter should read the number you last saw - i.e. not 0 (zero). This only applies if you return with the same type of environment that you last visited the script with. If you somehow clear your locally stored cookie data, the counter will again start at 0 (zero).

If the counter reads 0 (zero) over and over again, a cookie is not passed to the web server. The script also attempts to check if a cookie was passed and will tell you this.

In addition, the script also displays the HTTP header string HTTP_VIA and HTTP_USER_AGENT which should give you some indication as to which gateway make and model you are using. Some gateways identifies themselves via HTTP_VIA and some via HTTP_USER_AGENT and some gateways are made by programmers that just couldn't be bothered.

The code for the test script is available below. This is PHP code, but a standard PHP setcookie() function equivalent will exist in most popular script languages, and that's pretty much the only special thing with the script. The function simply sets the cookie, and the PHP variable $HTTP_COOKIE_VARS is used to read the cookie.

  <?
    if(isset($HTTP_COOKIE_VARS["TestCookie"])) {           // Check if TestCookie is set
      $cookieset = "set";
      $cookieid = $HTTP_COOKIE_VARS["TestCookie"];         // Read the Cookie
      $cookieid++;                                         // and increase its value
    }
    else {
      $cookieset = "not set";                              // cookie was not set
      $cookieid = 0;                                       // start counter at zero
    }
    setcookie("TestCookie",$cookieid);                     // apply the Cookie to the HTTP header
    header("Content-type: text/vnd.wap.wml");              // set the content type for WML
    header("Expires:  05:00:00 GMT");                       // disable ALL caching
    header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
    header("Cache-Control: no-cache, must-revalidate");
    header("Pragma: no-cache");
    echo("<?xml version=\"1.0\"?>\n");
    echo("<!DOCTYPE wml PUBLIC \"-//WAPFORUM//DTD WML 1.1//EN\" \"http://..\">\n\n");
    echo("<!-- This application attempts to test the capabilities of a WAP gateway to support cookies -->\n");
    echo("<!-- App by (c)  -->\n");
    $random = mt_rand(100000,999999);                      // Generate random value for reload forcing
  ?>
  <wml>
  <head>
  <meta forua="true" http-equiv="Cache-Control" content="must-revalidate"/>   // Even more cache disabling
  </head>
  <card id="init" title="CookieTest">
  <p>Cookie "TestCookie" was <?echo($cookieset)?>. Value is currently "<?echo($cookieid)?>"</p>
  <p><anchor>Increase value<go method="get" href="<?echo($PHP_SELF)?>?random=<?echo($random)?>"/></anchor></p>
  <p>Gateway: 
  <?
    if(isset($HTTP_VIA)) {                // Is there something in the HTTP_VIA variable?
      echo($HTTP_VIA);
    }
    else {
      if(isset($HTTP_USER_AGENT)) {       // Is there something in the HTTP_USER_AGENT variable?
        echo($HTTP_USER_AGENT);
      }
      else {
        echo("Unknown");                  // Absolutely no identifier was found
      }
    }
  ?>
  </p>
  </card>
  </wml>
[ Main ]   [ 09 - Security ]