Adobe Experience Manager Sites & More

courtthreeGDC · 10/15/15

It does not seem possible to set a cookie in the client browser by using the standard java Cookie class inside a component.

Consider the follow [very simple] example:

---------------------------------------------------------------------------------------------------------

Cookie mycookie = new Cookie("mycookieName", "mycookieValue");
mycookie.setMaxAge(300);
response.addCookie(mycookie);

---------------------------------------------------------------------------------------------------------

The expected behaviour of this code snippet, when added to any component, is to create a new cookie called "mycookieName" with the value "mycookieValue" in the client browser. However, no cookie is issued in either author or publisher instances.

To reproduce the issue, add the above to an AEM component, activate the page, run it in your browser and observe the developer tools to see what cookies are issued.

I would be incredibly grateful for any assistance or comments on this.

Sham_HC · 10/15/15

Have you whitelisted cookie at http://<host>:<port>/system/console/configMgr/com.adobe.granite.optout.impl.OptOutServiceImpl

View solution in original post

Sham_HC · 10/15/15

Have you whitelisted cookie at http://<host>:<port>/system/console/configMgr/com.adobe.granite.optout.impl.OptOutServiceImpl

smacdonald2008 · 10/15/15

Take a look at this class http://dev.day.com/docs/en/cq/current/javadoc/org/apache/sling/commons/json/http/Cookie.html.

justin_at_adobe · 10/15/15

Hi,

There's nothing preventing you from doing this in general (with the standard Java servlet classes). It could be the OptOut service, as Sham noted, although you should see a log message indicating that the cookie was not added. One thing to consider, however, is that you cannot set a cookie after the response buffer has been flushed. This fails rather loudly. Unless you are confident that the response buffer will never be flushed before your component is executed, you should avoid adding cookies in components. Also, adding cookies like this won't work if the page is cached. For both of these reasons, you should consider setting the cookie in JavaScript instead. Although obviously this depends upon your use case.

Regards,

Justin

courtthreeGDC · 10/15/15

Thanks so much for the reply. I've seen that resource previously. Should I take it to mean that you can't use the standard Java Cookie class. If not, how are you meant to use this class to easily/flexibly get and set cookies? It only has 4 methods, none of which are addCookie(). However, I don't receive an error when using addCookie which makes me think it's available anyway? If so, why wouldn't it work?

courtthreeGDC · 10/15/15

Thanks Sham,

The short answer to that question is "no I haven't". Do you know if it's a default setting that all cookies would be blocked unless explicitly allowed in the white list? I ask because I don't think this has ever been configured so would it block automatically?

courtthreeGDC · 10/15/15

Hi Justin,

Thanks for the response. Sham was right in this case, I have added the cookie to the white list and all is good.

I am interested, however, in your other comments about the dangers of using cookies in this way. Can you tell me a little more about the potential problems you see with setting a cookie in this way - in particular, what circumstances would require the the response buffer to be flushed?

I am very tempted to use javascript but [being a bit old school] I am always sceptical of building core functionality that requires javascript to work or would you say this is less of a concern these days? I mean, using JQuery to animate a news ticker or drop down menu that can be accessed in pure HTML elsewhere is fair enough but a log-in system entirely reliant on javascript intuitively feels wrong.

What do you think?

Adobe Experience Manager Sites & More

Use of custom cookies in components

Learn

Documentation

Community

Support

Resources

Adobe account

Adobe