SOLVED
Secure Cookies? HttpOnly; secure
Hello,
our servers are prepared for transaction testing.
Now the IT department said we need to switch the cookie from Adobe Analytics/ Adobe Tag Manager to Secure.
It's about the following:
Set cookie: CookieName=value; path=/; HttpOnly; secure
Quelle:
https://en.wikipedia.org/wiki/Secure_cookie
https://wiki.selfhtml.org/wiki/Grundlagen/sichere_Cookies
How do I set the cookie to Secure?
Example
At Amazon, some cookies go as safe.
1 Accepted Solution
Correct answer by
Solutions
Many thanks to everyone together,
One of them was to overwrite all cookies.
function setCookieSecure(name,value,days,domain) {
var expires = "";
if (days) {
var date = new Date();
date.setTime(date.getTime() + (days*24*60*60*1000));
expires = "; expires=" + date.toUTCString();
}
document.cookie = name + "=" + (value || "") + (expires || "") + "; path=/; domain=" + domain +"; secure";
}
var unsecureCookies = [
{
'matchNameRgxp' : new RegExp( '^AMCV_.*$' ),
'expire' : 731
},
{
'matchNameRgxp' : new RegExp( '^AMCVS_.*$' ),
'expire' : null
},
{
'matchNameRgxp' : new RegExp( '^tp$' ),
'expire' : null
},
{
'matchNameRgxp' : new RegExp( '^adb_mc$' ),
'expire' : null
},
];
if (document.cookie && document.cookie != '') {
var domain = window.location.hostname;
domain = domain.replace(/(www2|www)?/i, '');
var split = document.cookie.split(';');
for (var i = 0; i < split.length; i++) {
var name_value = split[i].split("=");
name_value[0] = name_value[0].replace(/^ /, '');
var cookieName = name_value[0];
var cookieValue = name_value[1];
for (var j = 0; j < unsecureCookies.length; j++) {
var unsecureCookie = unsecureCookies[j];
if( cookieName.match( unsecureCookie.matchNameRgxp ) ) {
setCookieSecure(cookieName, cookieValue, unsecureCookie.expire, domain);
}
}
}
}
The upper solution overwrites all cookies, from Adobe.
And a solution sent to me by the Adobe team.
Das sollte funktionieren.
Hello community,
I received the following answer from Adobe Team.
I would like to implement the code, but unfortunately I don't know where the Marketing ID is?
Is this the Marketing Cloud ID?
And where do I have to implement the code?
var visitor = Visitor.getInstance("2924444444444444444444@AdobeOrg",{
//Set secure cookie property
secureCookie: true
});
Do I have to implement the code here?
Thank you in advance
Vitali
I have now integrated the function as follows.
Did someone look over it and say if that's OK?
Thank you in advance
Correct answer by
Solutions
Many thanks to everyone together,
One of them was to overwrite all cookies.
function setCookieSecure(name,value,days,domain) {
var expires = "";
if (days) {
var date = new Date();
date.setTime(date.getTime() + (days*24*60*60*1000));
expires = "; expires=" + date.toUTCString();
}
document.cookie = name + "=" + (value || "") + (expires || "") + "; path=/; domain=" + domain +"; secure";
}
var unsecureCookies = [
{
'matchNameRgxp' : new RegExp( '^AMCV_.*$' ),
'expire' : 731
},
{
'matchNameRgxp' : new RegExp( '^AMCVS_.*$' ),
'expire' : null
},
{
'matchNameRgxp' : new RegExp( '^tp$' ),
'expire' : null
},
{
'matchNameRgxp' : new RegExp( '^adb_mc$' ),
'expire' : null
},
];
if (document.cookie && document.cookie != '') {
var domain = window.location.hostname;
domain = domain.replace(/(www2|www)?/i, '');
var split = document.cookie.split(';');
for (var i = 0; i < split.length; i++) {
var name_value = split[i].split("=");
name_value[0] = name_value[0].replace(/^ /, '');
var cookieName = name_value[0];
var cookieValue = name_value[1];
for (var j = 0; j < unsecureCookies.length; j++) {
var unsecureCookie = unsecureCookies[j];
if( cookieName.match( unsecureCookie.matchNameRgxp ) ) {
setCookieSecure(cookieName, cookieValue, unsecureCookie.expire, domain);
}
}
}
}
The upper solution overwrites all cookies, from Adobe.
And a solution sent to me by the Adobe team.
Das sollte funktionieren.
Related Conversations
