Blog

Super Cookies example code using Flash local storage

by Christian Bartens on
What are Super Cookies?
Super cookies are a relatively new method of storing user information locally for usage in web applications. Users will be familiar with standard web cookies, which are used to store anything from session ID’s through to personal information and usage information. Their downsides are many, mainly that they get deleted all the time, or are simply rejected based on the users privacy settings. Along with straight up rejection, cookies are also browser specific. If you’re like me and switch from chrome to firefox to safari on a regular basis, then analysts are out of luck, each browser appears in reports as a different user. Just to compound those issues a little more, cookies are domain specific. With the exception of third party cookies (set on another domain), which are largely rejected these days, all cookies are stored under the domain the visitor is visiting. This is also the only domain that can access those cookies, which means sites or networks spanning multiple domains have major issues trying to pass information as users hop domains. 
Superman_cookies_fav
Enter the Super Cookie…
Imagine you can set a cookie that is available across multiple domains and multiple browsers, with a high acceptance rate and a dramatically lower deletion rate. You can! Here are some of the advantages:
  • Flash cookies use the Flash local storage object (LSO), which is common to all browsers. 
  • Flash cookies are set on the domain the flash file was served from, so by serving from a common location, the cookies are available to multiple domains.
  • Flash has a 99% penetration rate (according to them – http://www.adobe.com/products/player_census/flashplayer/)
  • The cookie size limitations are far less restrictive than standard cookies.
  • Flash content is largely not controlled by browser privacy settings (yet). So the deletion rates are minimal compared to standard cookies
  • Flash can be used to back up standard cookies so they can be regenerated 

How to install?
We’ve created a very simple integration that essentially provides the ability to read and write cookies with just a few lines of code to be cut and paste, see below. For full details, please see the attached zip file with code and fully documented examples.

Essentially there are 3 steps:
1. Add the js and swf files to your server (see “Datalicious Super Cookie.zip” file)
2. Cut and paste the following code on your page

<script type=”text/javascript” src=”supercookie.js”></script>
<script type=”text/javascript”>
function dtFlashCookieLoaded(){
// Function triggers when the flash loading is complete. At this point you can read and write the super cookies. 
}
</script>

3. Once you have added the files and put the code on page, cookies can be read/written using two very simple javascript functions, as follows:
setSuperCookie(name,value);
getSuperCookie(name);

The dtFlashCookieLoaded() function is executed once the flash has loaded. If you have code depending on the flash read/write, you can put it inside this function or alternatively you can use this to set a flag to indicate that the flash object can now be accessed.

Custom Implementations
Datalicious provides consulting on web analytics, business intelligence and strategy. Feel free to contact us with any enquiries at insights@datalicious.com

Privacy controls
Lots of people are not happy about super cookies, the privacy concerns are obvious. In some ways i can support this notion, but as a web analyst i also see the benefits passed on to consumers by the better understanding of customers, and they are huge. We encourage businesses to be open and transparent about privacy. If you are concerned about privacy, please see the following Wikipedia article http://en.wikipedia.org/wiki/Local_Shared_Object

About the author