Apex Developer Guide
jNewer Version Available
Cookie Class
Namespace
Usage
Use the setCookies method of the PageReference Class to attach cookies to a page.
Consider the following limitations when using the Cookie class:
- The Cookie class can only be accessed using Apex that is saved using the Salesforce API version 19 and above.
- The maximum number of cookies that can be set per Salesforce Sites domain depends on your browser. Newer browsers have higher limits than older ones.
- Cookies must be less than 4K, including name and attributes.
- The maximum header size of a Visualforce page, including cookies, is 8,192 bytes.
For more information on sites, see “Salesforce Sites” in the Salesforce online help.
Example
The following example creates a class, CookieController, which is used with a Visualforce page (see markup below) to update a counter each time a user displays a page. The number of times a user goes to the page is stored in a cookie.
1// A Visualforce controller class that creates a cookie
2// used to keep track of how often a user displays a page
3public class CookieController {
4
5 public CookieController() {
6 Cookie counter = ApexPages.currentPage().getCookies().get('counter');
7
8 // If this is the first time the user is accessing the page,
9 // create a new cookie with name 'counter', an initial value of '1',
10 // path 'null', maxAge '-1', and isSecure 'true'.
11 if (counter == null) {
12 counter = new Cookie('counter','1',null,-1,true);
13 } else {
14 // If this isn't the first time the user is accessing the page
15 // create a new cookie, incrementing the value of the original count by 1
16 Integer count = Integer.valueOf(counter.getValue());
17 counter = new Cookie('counter', String.valueOf(count+1),null,-1,true);
18 }
19
20 // Set the new cookie for the page
21 ApexPages.currentPage().setCookies(new Cookie[]{counter});
22 }
23
24 // This method is used by the Visualforce action {!count} to display the current
25 // value of the number of times a user had displayed a page.
26 // This value is stored in the cookie.
27 public String getCount() {
28 Cookie counter = ApexPages.currentPage().getCookies().get('counter');
29 if(counter == null) {
30 return '0';
31 }
32 return counter.getValue();
33 }
34}1// Test class for the Visualforce controller
2@isTest
3private class CookieControllerTest {
4 // Test method for verifying the positive test case
5 static testMethod void testCounter() {
6 //first page view
7 CookieController controller = new CookieController();
8 System.assert(controller.getCount() == '1');
9
10 //second page view
11 controller = new CookieController();
12 System.assert(controller.getCount() == '2');
13 }
14}The following is the Visualforce page that
uses the CookieController Apex controller
above. The action {!count} calls the getCount method in the controller
above.
1<apex:page controller="CookieController">
2You have seen this page {!count} times
3</apex:page>Cookie Constructors
The following are constructors for Cookie.
Cookie(name, value, path, maxAge, isSecure)
Creates a new instance of the Cookie class using the specified name, value, path, age,
and the secure setting.
Signature
public Cookie(String name, String value, String path, Integer maxAge, Boolean isSecure)
Parameters
- name
- Type: String
- The cookie name. It can’t be null.
- value
- Type: String
- The cookie data, such as session ID.
- path
- Type: String
- The path from where you can retrieve the cookie.
- maxAge
- Type: Integer
- A number representing how long a cookie is valid for in seconds. If set to less than zero, a session cookie is issued. If set to zero, the cookie is deleted.
- isSecure
- Type: Boolean
- A value indicating whether the cookie can only be accessed through HTTPS (true) or not (false).
Cookie(name, value, path, maxAge, isSecure, SameSite)
Creates a new instance of the Cookie class using
the specified name, value, path, and age, and settings for security and cross-domain
behavior.
Signature
public Cookie(String name, String value, String path, Integer maxAge, Boolean isSecure, String SameSite)
Parameters
- name
- Type: String
- The cookie name. It can’t be null.
- value
- Type: String
- The cookie data, such as session ID.
- path
- Type: String
- The path from where you can retrieve the cookie.
- maxAge
- Type: Integer
- A number representing how long a cookie is valid for in seconds. If set to less than zero, a session cookie is issued. If set to zero, the cookie is deleted.
- isSecure
- Type: Boolean
- A value indicating whether the cookie can only be accessed through HTTPS (true) or not (false).
- SameSite
- Type: String
- The SameSite attribute on a cookie controls its cross-domain behavior. The valid values are None, Lax, and Strict. After the Chrome 80 release, a cookie with a SameSite value of None must also be marked secure by setting a value of None; Secure.
Cookie Methods
The following are methods for Cookie. All are instance methods.
getDomain()
Returns the name of the server making the request.
Signature
public String getDomain()
Return Value
Type: String
getMaxAge()
Returns a number representing how long the cookie is valid
for, in seconds. If set to < 0, a session cookie is issued. If set to 0, the cookie is deleted.
Signature
public Integer getMaxAge()
Return Value
Type: Integer
getName()
Returns the name of the cookie. Can't be null.
Signature
public String getName()
Return Value
Type: String
getPath()
Returns the path from which you can retrieve the cookie.
If null or blank, the location
is set to root, or “/”.
Signature
public String getPath()
Return Value
Type: String
getSameSite()
Returns the value for the SameSite attribute of
the cookie.
Signature
public String getSameSite()
Return Value
Type: String
getValue()
Returns the data captured in the cookie, such as Session
ID.
Signature
public String getValue()
Return Value
Type: String
isSecure()
Returns true if the
cookie can only be accessed through HTTPS, otherwise returns false.
Signature
public Boolean isSecure()
Return Value
Type: Boolean