iscookie Element
Set a cookie in your system
Syntax
<iscookie
name = cookie_name //required
value = cookie_value //required
comment = cookie_use
domain = domain_name
path = pathname
maxAge = cookie_lifetime
version = cookie_spec
secure = "on" | "off"
/>
- name = cookie_name
-
Allowed data type: string or expression.
cookie_name
is a string or expression that specifies a name for the cookie. Names starting with "$" are not allowed. - value = cookie_value
-
Allowed data type: string or expression.
cookie_value
is a string or expression that specifies the value stored by the cookie, such as a specific user ID. - comment = cookie_use
-
Allowed data type: string or expression.
Because cookies can contain private information about a user, the comment attribute lets you document the intended use of the cookie. The user can inspect the information to decide whether to accept to accept or not to accept the cookie.
- domain = domain_name
-
Allowed data type: string or expression.
domain_name
specifies the domain for which the cookie is valid. An explicitly specified domain must always start with a dot. If not specified, the browser sets the attribute domain to the domain that issues the cookie. - path = pathname
-
Allowed data type: string or expression.
pathname
specifies the subset of URLs to which this cookie applies. Pages outside of that path can't use the cookie. - maxAge = cookie_lifetime
-
Allowed data type: integer or expression.
cookie_lifetime
defines the lifetime of the cookie in seconds. The value is a non-negative decimal integer. After the specified time elapses, the buyer's browser can discard the cookie. If the value is 0, the cookie will be deleted. If the value is less than 0, the cookie isn't persistent and is deleted when the browser exits. The lifetime of the cookie set by Salesforce B2C Commerce when an anonymous customer enters the site for the first time adheres to certain international data storage regulations. The maximum age of this cookie is 6 months. The lifetime of any cookie set by B2C Commerce is 6 months or less. - version = cookie_spec
-
Allowed data type: decimal integer or expression.
cookie_spec
is a decimal integer that identifies the version of the specification which the cookie conforms to. A decimal integer contains any of the digits 0 through 9. - secure = "on" | "off"
-
The secure attribute indicates that a cookie must only be used with a secure server, such as SSL. Default value is
off
. Expressions are not allowed.
Supporting Objects
For programmatically reading and modifying cookies, see also the following classes in the Scripting API documentation:
- dw.system.Request
- dw.web.Cookies
- dw.web.Cookie
Purpose
A cookie is a message given to the web browser by B2C Commerce. A cookie lets you store user-related information on the buyer's system, such as storefront preferences for a single buyer. Cookies can also be used to simplify the login procedure, so buyers don't have to type in their names and passwords each time they access the storefront. To accomplish this, the cookie would store a unique user ID on the buyer's system. After the cookie is stored, the browser returns it every time the buyer requests the URL of the issuing server.
You can't set a cookie's SameSite attribute using the API. The server sets SameSite to None if either the developer sets the cookie's Secure flag or the global security preference Enforce HTTPS is enabled, in which case the Secure flag is also set. Otherwise, the server doesn't set the SameSite attribute and the browser uses its own default SameSite setting. The SameSite attribute is not sent with a cookie if the server detects that the client doesn't correctly interpret the attribute.
Example
The following example shows how to set a cookie that can be used later to identify a customer:
<iscookie
name = "UserID"
value = "${pdict.buyer.UUID}"
comment = "your international customer ID"
domain = ".foo.com"
path = "/acme"
maxAge = "10000"
version = "0"
secure = "on"
/>
The following example shows how to use a cookie that is sent with the current request.
<isif condition = "${request.httpCookies['UserID'] != null)}">
<isredirect location = "${URLUtils.url('LoginPanel')}" />
</isif>