In Windows 8.1, there’s a new WinRT-level HTTP API, specifically Windows.Web.Http.HttpClient that is intended to gradually supercede other APIs. More about this in my earlier post, Cool New APIs in Windows 8.1 #2: Windows.Web.Http.HttpClient.

One feature of this API is that it lets you manage cookies directly, something that APIs like the JavaScript XMLHttpRequest (and WinJS.xhr) lack.

In this context, some have asked whether cookies involved in one HttpClient request will persist to subseqeuent calls. The answer here is yes, in the same way that a desktop browser handles them. This means that cookies used with apps are subject to the typical app isolation policies for websites: cookies for app A are not visible to app B and vice-versa. The cookie will persist across calls, certainly, and also across app sessions, as they are stored in the WinINet cache like other HTTP request data. This assumes that the cookies are marked as persistent, and they are still subject to normal per-app limits and so on.

Calling HttpClient.Dispose(), mind you, will clear this stuff out.

The same policies apply to everything else in the WinINet cache, by the way–stuff that app A downloads is cached for it (subject to usual limitations), but is not accessible to app B. If the two apps request the same resource, that resource is cached separately for both apps and will be downloaded separately for each.

Comments are closed