BKCOOKIE.RVW 980320

"Cookies", Simon St. Laurent, 1998, 0-07-050498-9, U$34.95
%A Simon St. Laurent
%C 300 Water Street, Whitby, Ontario L1N 9B6
%D 1998
%G 0-07-050498-9
%I McGraw-Hill Ryerson/Osborne
%O U$34.95 800-565-5758 fax: 905-430-5020 louisea@McGrawHill.ca
%P 361 p.
%T "Cookies"

I am probably more aware of cookies than most. I do allow cookies, but I get a warning each time somebody tries to set one on me. (For those who are aware of cookies, this fact alone will tell you that I do not spend a lot of time "surfing".) I know that you cannot download a number of things off the Microsoft Website without they feed you a cookie and you accept. I know that a large number of cookies are not being set by the pages I am looking at, but by servers listing banners on those pages. I know that PCWorld magazine holds the record as far as I am concerned: thirteen attempts to set a cookie on a single access to a single page. I know that Clinique gets a bonus, as far as I am concerned, for personalizing the page for the user without setting a cookie at all.

So I was most interested to see this book. I approached it with some trepidation, I admit, since books on "new" and "hot" technologies do not have a good track record, particularly those with some link to business. However, what I found was a book with something for programmers, privacy advocates, and interested Internauts alike.

Chapter one explains what cookies are, and why. It does this with a series of analogies of different types of activities (mostly, but not uniquely, commercial) that require some kind of memory through certain stages of the process. The structures of both the older version 0 Netscape and the newer RFC 2109 cookies are detailed in chapter two, along with special notes (Lynx deletes *all* cookies on exit) and tips (if you want to set an expiry date to maintain the cookie into the future, note that you must set the path).

Chapter three provides the user with detailed, browser-by-browser information on how to manage cookies, including blocking options and storage methods. It also discusses proxy servers and add-in cookie blocking tools.

However, St. Laurent's major concern is for the effective programming of cookies. Client-side programming, with JavaScript and VBScript, is covered in chapter four. Server-side cookie programming, and the pros and cons thereof, are discussed in chapter five. Chapter six demonstrates the use of cookies in combination with CGI (Common Gateway Interface) programming for more sophisticated activities. Netscape's Server Side JavaScript and Microsoft's Active Server Pages are covered separately in chapters seven and eight. "Pure" Java does not allow for cookie generation, but with the extensions to provide connections between Java and JavaScript an applet can now feed and check cookies, which chapter nine demonstrates.

Chapter ten looks at Microsoft Site Server, which has perhaps the most effective, and potentially invasive, tools for collecting information about Web users through the use of cookies. St. Laurent explains the various information gathering activities, and also presents effective handling of both those who accept, and those who reject, cookies.

Chapter eleven examines probable developments in cookies in the near future, and briefly looks at the question of identity information gathering by Web site owners.

There is some small irony in the fact that St. Laurent expresses his own concern for balance in the overall presentation at the end of chapter ten. I am glad that he was worried about being biased in one direction or another: it has made for a rational and clear presentation of a topic which is currently rather overheated. The book fully appreciates both the needs and the concerns, and provides not only the facts, but a lucid and clear-sighted analysis of the real situation.

copyright Robert M. Slade, 1998 BKCOOKIE.RVW 980320