I'm wondering if using the following Javascript code is reliable:

if (!document.cookie) {
    alert('Cookies are disabled.');
}

I've tested this in IE, Firefox and Chrome and it seems that when you disabled cookies, the document.cookie object becomes unavailable. Does anyone have any experience with this method working/not working?

Many Thanks
Stephen

Additional

I'm well aware that this method requires JavaScript to be enabled on the client. I'm also aware of other server-side/JavaScript solutions. Please can the discussion remain on topic.

The only reliable way to me in this scenario (check if cookies are disabled, you don't mind about the javascript issues, and need a client-side solution) is to use a set function for a test cookie, then a get function to read it back. If the test cookie can't be read back, cookies are off.

You can write your own implementation of it reading a great resource from quirksmode, use a jQuery plugin or an out-of-box solution.

In XHTML documents, there is no document.cookie at all (up to Firefox 2 or forever on if you send the document as application/xml). I had to learn painfully, that it can be set on document, however:

document.cookie = "foo";

This is valid JS, and the browser shrugs its shoulders and sets the property cookie of the variable document. But the special magic to transform this in an HTTP header doesn't get called.

To put it in a nutshell: No, you can't be sure, that the absence of document.cookie is always identical with disabled cookies, and vice versa.

Try setting a value on the server, and reading it on the client. If cookies are enabled, you should be able to read the same value. If not, they are disabled. Note that the site might have httpOnly enabled.

Opera 7.10 will not understand document.cookie, so it is not reliable. Try using this one instead:

<script type="text/javascript">
var cookieEnabled=(navigator.cookieEnabled)? true : false

//if not IE4+ nor NS6+
if (typeof navigator.cookieEnabled=="undefined" && !cookieEnabled){ 
document.cookie="testcookie"
cookieEnabled=(document.cookie.indexOf("testcookie")!=-1)? true : false
}

//if (cookieEnabled) //if cookies are enabled on client's browser
//do whatever

</script>

It is compatible with most browsers and the ones which will not work with it are not used anymore. I have tested it with Internet Explorer 8.0, Firefox 3.6, Google Chrome 4.0, Opera 10.10 both within HTML and XHTML. While using HTML version with Internet Explorer 8.0 I had to confirm execution of the script.

var gotCookie = (navigator.cookieEnabled) ? true : false;

if(typeof navigator.cookieEnabled == 'undefined' && !gotCookie) {
    document.cookie = 'test';
    gotCookie       = (document.cookie.indexOf('test') != -1) ? true : false;
    }

if gotCookie == true, then you've gotCookie :)

note: when there's no cookie set, document.cookie seems to be unavailable even if cookie is enabled in the browser. that's why we set it with document.cookie = 'test', then check it on the next line. of course, assuming that js is enabled.