Monthly Archives: June 2013

Storing .NET objects in cookies part 2 – compact bytes to string conversion

As I mentioned in part 1, Forms authentication cookies can get quite big when they have some data in the UserData field. The main problem is that every 8-bit character in the user data occupies four characters in the cookie, because it is UTF-16 encoded (1 character – 2 bytes, an extra zero is added) and converted to a hexadecimal string (1 character – 4 characters). For example, the “X” character (U+0058) ends up as the four character string “5800″. Plus a little overhead of the ticket itself, plus the 33% overhead of Base64 encoding. Here’s how you can do a lot better. Continue reading

The blog is alive

It was shocking to discover that I haven’t posted for over a year. Life happened, changing priorities, that’s all. As you can see, finally I had the time to write a new post, and there are at least 2 more in the queue right now, and an ever growing list of new ideas. Dear readers, don’t you worry, I will try to keep new stuff coming :) .

Storing .NET objects in cookies part 1 – compact serialization with binary XML

I was recently faced with the following challenge in an ASP.NET application. I have a data contract object that describes a user, which I have to store in a cookie for authentication and other purposes. Forms authentication is perfect for this: the cookie is cryptographically protected, the authentication is very easy to configure and it can store arbitrary user data as well. Problem is, as you might guess, this cookie would be quite big. You might ask, why don’t I store this object in the session? Because I wanted a session-less application. Or why don’t I store only a user ID in the cookie? Because gathering the user information is quite an expensive task. So the challenge was to serialize this object in the most compact way. Continue reading