Secure Cookies? HttpOnly; secure

vitalin58577727 06-06-2019

Hello,

our servers are prepared for transaction testing.

Now the IT department said we need to switch the cookie from Adobe Analytics/ Adobe Tag Manager to Secure.

It's about the following:

Set cookie: CookieName=value; path=/; HttpOnly; secure

Quelle:

https://en.wikipedia.org/wiki/Secure_cookie

https://wiki.selfhtml.org/wiki/Grundlagen/sichere_Cookies

How do I set the cookie to Secure? secure-cookies.JPG

Example

At Amazon, some cookies go as safe.

amazon-secure-cookies.JPG

Accepted Solutions (1)

Accepted Solutions (1)

vitalin58577727 16-06-2019

Solutions

Many thanks to everyone together,

One of them was to overwrite all cookies.

function setCookieSecure(name,value,days,domain) {

var expires = "";

if (days) {

var date = new Date();

date.setTime(date.getTime() + (days*24*60*60*1000));

expires = "; expires=" + date.toUTCString();

}

document.cookie = name + "=" + (value || "")  + (expires || "") + "; path=/; domain=" + domain +"; secure";

}

var unsecureCookies = [

{

'matchNameRgxp' : new RegExp( '^AMCV_.*$' ),

'expire' : 731

},

{

'matchNameRgxp' : new RegExp( '^AMCVS_.*$' ),

'expire' : null

},

{

'matchNameRgxp' : new RegExp( '^tp$' ),

'expire' : null

},

{

'matchNameRgxp' : new RegExp( '^adb_mc$' ),

'expire' : null

},

];

if (document.cookie && document.cookie != '') {

var domain = window.location.hostname;

domain = domain.replace(/(www2|www)?/i, '');

var split = document.cookie.split(';');

for (var i = 0; i < split.length; i++) {

var name_value = split[i].split("=");

name_value[0] = name_value[0].replace(/^ /, '');

var cookieName = name_value[0];

var cookieValue = name_value[1];

for (var j = 0; j < unsecureCookies.length; j++) {

var unsecureCookie = unsecureCookies[j];

if( cookieName.match( unsecureCookie.matchNameRgxp ) ) {

setCookieSecure(cookieName, cookieValue, unsecureCookie.expire, domain);

}

}

}

}

The upper solution overwrites all cookies, from Adobe.

And a solution sent to me by the Adobe team.

secureCookies.JPG

Das sollte funktionieren.

Answers (5)

Answers (5)

vitalin58577727 06-06-2019

Hello community,

I received the following answer from Adobe Team.

I would like to implement the code, but unfortunately I don't know where the Marketing ID is?

adobe-marketing-id.JPG

Is this the Marketing Cloud ID?

And where do I have to implement the code?

var visitor = Visitor.getInstance("2924444444444444444444@AdobeOrg",{

        //Set secure cookie property

        secureCookie: true

});

Do I have to implement the code here?

Adobe-appMeasurement-funktion.JPG

Thank you in advance

Vitali

asheeshp
MVP
06-06-2019

Hey Vitalin,

This s_sq cookie is for activity map (the previous link clicked) and s_cc is to read by the JavaScript code to determine if cookies are enabled.

Here is more info - Analytics Cookies

Thanks,

Asheesh