What are allowed characters in cookies?

Question

What are the allowed characters in both cookie name and value? Are they same as URL or some common subset?

Reason I\'m asking is that I\'ve recently hit some strange

Answer 1

In ASP.Net you can use System.Web.HttpUtility to safely encode the cookie value before writing to the cookie and convert it back to its original form on reading it out.

// Encode
HttpUtility.UrlEncode(cookieData);

// Decode
HttpUtility.UrlDecode(encodedCookieData);

This will stop ampersands and equals signs spliting a value into a bunch of name/value pairs as it is written to a cookie.