Of these, you need to worry only about :expires. It controls how long the browser should save the cookie. If :expires is **NIL** (the default), the browser will save the cookie only until it exits. Other possible values are , which means the cookie should be kept forever, or a universal time as returned by **GET-UNIVERSAL-TIME** or **ENCODE-UNIVERSAL-TIME**. An :expires of zero tells the client to immediately discard an existing cookie.11

    After you’ve set a cookie, you can use the function get-cookie-values to get an alist containing one name/value pair for each cookie sent by the browser. From that alist, you can pick out individual cookie values using **ASSOC** and **CDR**.

    The following function shows the names and values of all the cookies sent by the browser:

    Figure 26-7. http://localhost:2001/show-cookies with no cookies

    To set a cookie, you need another function, such as the following:

    1. (defun set-cookie (request entity)
    2.   (with-http-response (request entity :content-type "text/html")
    3.     (set-cookie-header request :name "MyCookie" :value "A cookie value")
    4.       (with-html-output ((request-reply-stream request))
    5.         (html 
    6.           (:standard-page
    7.            (:p "Cookie set.")
    8.            (:p (:a :href "/show-cookies" "Look at cookie jar."))))))))

    Cookies - 图2

    Figure 26-8.