Monday, May 14, 2012

Cookie path creation always at the web server root !!

If you use the default settings on cookie, it creates the cookies at the web server context. In WebSphere commerce that would create the cookies at /webapp/wcs/stores/servlet with default settings. This is usually not a problem for most scenarios but if you have a scenario when there is a canonical URL e.g for SEO,  that does not start with /webapp/wcs/stores/servlet. The HTTP response stops carrying the cookies to the browser and you will start seeing issues in the site where you have code that depends on the cookie.


Sample code to create a custom cookie at the root:
String value="custom_cookie_value";
Cookie customCookie = new Cookie("CustomCookie",value);
customCookie.setPath("/");
Even though this is a simple thing to fix, it could be hard to debug. As a best practice, always create custom cookies at the root and out of the box cookies are always created at the root.


Primer on cookies:
A cookie is a application specific data stored as a separate file for each domain in the browser. There are 2 types, session cookies and persistent cookies. Session cookies are used to log information that are eventually erased after the life cycle of a session, e.g Based on a users Login, if you want to show certain attributes or mini-carts and are deleted on LogOff.
Persistent cookies are store for much longer period and are useful for things like RememberMe functionality.


Validation rules to pass the cookies back to web-server:
A cookie is sent back from browser to web-server based on certain events when it matches the Domain, Path and port of the server in cookie.
Cookie can have a secure attribute set if it is on HTTPS.
Each cookie has a Max-Age and the browser would not send back expired cookies.

2 comments:

  1. Fantastic blog you have here. You’ll discover me looking at your stuff often. Saved! website search engine marketing

    ReplyDelete
  2. Awesome article! I want people to know just how good this information is in your article. It’s interesting, compelling content. Your views are much like my own concerning this subject. search engine algorithm

    ReplyDelete