Set a cookie in your system
<iscookie
name = cookie_name //required
value = cookie_value //required
comment = cookie_use
domain = domain_name
path = pathname
maxAge = cookie_lifetime
version = cookie_spec
secure = "on" | "off"
/>Allowed data type: string or expression.
cookie_name is a string or
expression that specifies a name for the cookie. Names starting with
"$" are not allowed.
Allowed data type: string or expression.
cookie_value is a string or
expression that specifies the value stored by the cookie, such as a
specific user ID.
Allowed data type: string or expression.
Because cookies can contain private information about a user, the comment attribute lets you document the intended use of the cookie. The user can inspect the information to decide whether to accept to accept or not to accept the cookie.
Allowed data type: string or expression.
domain_name specifies the domain
for which the cookie is valid. An explicitly specified domain must
always start with a dot. If not specified, the browser sets the
attribute domain to the domain that issues the cookie.
Allowed data type: string or expression.
pathname specifies the subset of
URLs to which this cookie applies. Pages outside of that path can't
use the cookie.
Allowed data type: integer or expression.
cookie_lifetime defines the
lifetime of the cookie in seconds. The value is a non-negative
decimal integer. After the specified time elapses, the buyer's
browser can discard the cookie. If the value is 0, the cookie will
be deleted. If the value is less than 0, the cookie isn't
persistent and is deleted when the browser exits. The lifetime
of the cookie set by Salesforce B2C Commerce when an anonymous
customer enters the site for the first time adheres to certain
international data storage regulations. The maximum age of this
cookie is 6 months. The lifetime of any cookie set by B2C Commerce is 6 months or less.
Allowed data type: decimal integer or expression.
cookie_spec is a decimal integer
that identifies the version of the specification which the cookie
conforms to. A decimal integer contains any of the digits 0 through
9.
The secure attribute indicates that a cookie must only be
used with a secure server, such as SSL. Default value is
off. Expressions are not allowed.
For programmatically reading and modifying cookies, see also the following classes in the Scripting API documentation:
A cookie is a message given to the web browser by B2C Commerce. A cookie lets you store user-related information on the buyer's system, such as storefront preferences for a single buyer. Cookies can also be used to simplify the login procedure, so buyers don't have to type in their names and passwords each time they access the storefront. To accomplish this, the cookie would store a unique user ID on the buyer's system. After the cookie is stored, the browser returns it every time the buyer requests the URL of the issuing server.
You can't set a cookie's SameSite attribute using the API. The server sets SameSite to None if either the developer sets the cookie's Secure flag or the global security preference Enforce HTTPS is enabled, in which case the Secure flag is also set. Otherwise, the server doesn't set the SameSite attribute and the browser uses its own default SameSite setting. The SameSite attribute is not sent with a cookie if the server detects that the client doesn't correctly interpret the attribute.
The following example shows how to set a cookie that can be used later to identify a customer:
<iscookie
name = "UserID"
value = "${pdict.buyer.UUID}"
comment = "your international customer ID"
domain = ".foo.com"
path = "/acme"
maxAge = "10000"
version = "0"
secure = "on"
/>The following example shows how to use a cookie that is sent with the current request.
<isif condition = "${request.httpCookies['UserID'] != null)}">
<isredirect location = "${URLUtils.url('LoginPanel')}" />
</isif>