Class Cookie

• TopLevel.Object
  • dw.web.Cookie

Represents an HTTP cookie used for storing information on a client browser. Cookies are passed along in the HTTP request and can be retrieved by calling dw.system.Request.getHttpCookies().

Cookies must comply with RFC6265. We recommend you use only printable ASCII characters without separators, such as a comma or equal sign. If JSON is used as a cookie value, it must be encoded.

Note: this class allows access to sensitive security-related data. Pay special attention to PCI DSS v3. requirements 2, 4, and 12.

See Request.getHttpCookies().

Constant	Description
EMPTYNAME: String = "dw_emptyname__"	Default name for cookies with empty strings.

Property	Description
comment: String	Returns the comment that was previously set for this cookie, or null if no comment was set.
domain: String	Returns the domain associated with the cookie.
httpOnly: Boolean	Identifies if the cookie is http-only.
maxAge: Number	Returns the maximum age of the cookie, specified in seconds.
name: String (read-only)	Returns the cookie's name.
path: String	Returns the path for the cookie.
secure: Boolean	Identifies if the cookie is secure.
value: String	Returns the cookie's value.
version: Number	Returns the version that was previously set for this cookie.

Constructor	Description
Cookie(String, String)	Constructs a new cookie using the specified name and value.

Method	Description
getComment()	Returns the comment that was previously set for this cookie, or null if no comment was set.
getDomain()	Returns the domain associated with the cookie.
getMaxAge()	Returns the maximum age of the cookie, specified in seconds.
getName()	Returns the cookie's name.
getPath()	Returns the path for the cookie.
getSecure()	Identifies if the cookie is secure.
getValue()	Returns the cookie's value.
getVersion()	Returns the version that was previously set for this cookie.
isHttpOnly()	Identifies if the cookie is http-only.
setComment(String)	Sets a comment associated with this cookie.
setDomain(String)	Sets the domain associated with the cookie.
setHttpOnly(Boolean)	Sets the http-only state for the cookie.
setMaxAge(Number)	Sets the maximum age of the cookie in seconds.
setPath(String)	Sets the path for the cookie.
setSecure(Boolean)	Sets the secure state for the cookie.
setValue(String)	Sets the cookie's value.
setVersion(Number)	Returns the version that was previously set for this cookie.

assign, create, create, defineProperties, defineProperty, entries, freeze, fromEntries, getOwnPropertyDescriptor, getOwnPropertyNames, getOwnPropertySymbols, getPrototypeOf, hasOwnProperty, is, isExtensible, isFrozen, isPrototypeOf, isSealed, keys, preventExtensions, propertyIsEnumerable, seal, setPrototypeOf, toLocaleString, toString, valueOf, values

EMPTYNAME: String = "dw_emptyname__"

Default name for cookies with empty strings.

---

comment: String

Returns the comment that was previously set for this cookie, or null if no comment was set. Note that comments are no longer supported in RFC 6265 and will not be sent to clients. This method is maintained for backward compatibility only.

Deprecated:

This method is maintained for backward compatibility only. Cookie comments were removed in RFC 6265 and are no longer sent to clients. The returned value only reflects what was previously set using setComment(String).

No longer available as of version 99.2. This method is deprecated and will be removed in the next API version.

---

domain: String

Returns the domain associated with the cookie.

---

httpOnly: Boolean

Identifies if the cookie is http-only.

---

maxAge: Number

Returns the maximum age of the cookie, specified in seconds. By default, -1 indicating the cookie will persist until client shutdown.

---

name: String (read-only)

Returns the cookie's name.

---

path: String

Returns the path for the cookie.

---

secure: Boolean

Identifies if the cookie is secure.

---

value: String

Returns the cookie's value.

---

version: Number

Returns the version that was previously set for this cookie. Note that the version is no longer used for determining cookie compliance as the system now uses RFC 6265 by default. The returned value only reflects what was previously set using setVersion(Number).

Deprecated:

This method is maintained for backward compatibility only. The version property is no longer used as the system now uses RFC 6265 compliance by default. The returned value has no effect on cookie behavior.

No longer available as of version 99.2. This method is deprecated and will be removed in the next API version.

---

Cookie(name: String, value: String)

Constructs a new cookie using the specified name and value.

Parameters:

• name - the name for the cookie.
• value - the cookie's value.

---

getComment(): String

Returns the comment that was previously set for this cookie, or null if no comment was set. Note that comments are no longer supported in RFC 6265 and will not be sent to clients. This method is maintained for backward compatibility only.

Returns:

• the comment that was previously set, or null if no comment was set

Deprecated:

This method is maintained for backward compatibility only. Cookie comments were removed in RFC 6265 and are no longer sent to clients. The returned value only reflects what was previously set using setComment(String).

No longer available as of version 99.2. This method is deprecated and will be removed in the next API version.

---

getDomain(): String

Returns the domain associated with the cookie.

Returns:

• the domain associated with the cookie.

---

getMaxAge(): Number

Returns the maximum age of the cookie, specified in seconds. By default, -1 indicating the cookie will persist until client shutdown.

Returns:

• an integer specifying the maximum age of the cookie in seconds; if negative, means the cookie persists until client shutdown

---

getName(): String

Returns the cookie's name.

Returns:

• the cookie's name.

---

getPath(): String

Returns the path for the cookie.

Returns:

• the path for the cookie.

---

getSecure(): Boolean

Identifies if the cookie is secure.

Returns:

• true if the cookie is secure, false otherwise.

---

getValue(): String

Returns the cookie's value.

Returns:

• the cookie's value.

---

getVersion(): Number

Returns the version that was previously set for this cookie. Note that the version is no longer used for determining cookie compliance as the system now uses RFC 6265 by default. The returned value only reflects what was previously set using setVersion(Number).

Returns:

• the version number that was set, or 0 if no version was explicitly set

Deprecated:

This method is maintained for backward compatibility only. The version property is no longer used as the system now uses RFC 6265 compliance by default. The returned value has no effect on cookie behavior.

No longer available as of version 99.2. This method is deprecated and will be removed in the next API version.

---

isHttpOnly(): Boolean

Identifies if the cookie is http-only.

Returns:

• true if the cookie is http-only, false otherwise.

---

setComment(comment: String): void

Sets a comment associated with this cookie. Note that comments are no longer sent to clients as they were removed in RFC 6265. This method is maintained for backward compatibility but has no effect on the cookie's behavior.

Parameters:

• comment - the comment to associate with the cookie (ignored)

Deprecated:

This method is maintained for backward compatibility only. Cookie comments were removed in RFC 6265 and will not be sent to clients. The value will be stored but has no effect on cookie behavior.

No longer available as of version 99.2. This method is deprecated and will be removed in the next API version.

---

setDomain(domain: String): void

Sets the domain associated with the cookie.

Parameters:

• domain - the comment associated with the cookie.

---

setHttpOnly(httpOnly: Boolean): void

Sets the http-only state for the cookie.

Parameters:

• httpOnly - sets http-only state for the cookie.

---

setMaxAge(age: Number): void

Sets the maximum age of the cookie in seconds.

A positive value indicates that the cookie will expire after that many seconds have passed. Note that the value is the maximum age when the cookie will expire, not the cookie's current age.

A negative value means that the cookie is not stored persistently and will be deleted when the client exits. A zero value causes the cookie to be deleted.

Parameters:

• age - an integer specifying the maximum age of the cookie in seconds; if negative, means the cookie is not stored; if zero, deletes the cookie

---

setPath(path: String): void

Sets the path for the cookie.

Parameters:

• path - the path for the cookie.

---

setSecure(secure: Boolean): void

Sets the secure state for the cookie.

Parameters:

• secure - sets secure state for the cookie.

---

setValue(value: String): void

Sets the cookie's value.

Parameters:

• value - the value to set in the cookie.

---

setVersion(version: Number): void

Returns the version that was previously set for this cookie. Note that the version is no longer used for determining cookie compliance as the system now uses RFC 6265 by default. The returned value only reflects what was previously set using setVersion(Number).

Returns:

• the version number that was set, or 0 if no version was explicitly set

Deprecated:

This method is maintained for backward compatibility only. The version property is no longer used as the system now uses RFC 6265 compliance by default. The returned value has no effect on cookie behavior.

No longer available as of version 99.2. This method is deprecated and will be removed in the next API version.

---