dw.web
Class Cookie
dw.web.Cookie
Represents an HTTP cookie used for storing information on a client browser. Cookies are passed along in the HTTP
request and can be retrieved by calling dw.system.Request.getHttpCookies().
Cookies must comply with RFC6265. We recommend you use only printable ASCII characters without separators, such as a
comma or equal sign. If JSON is used as a cookie value, it must be encoded.
Note: this class allows access to sensitive security-related data. Pay special attention to PCI DSS v3.
requirements 2, 4, and 12.
See Request.getHttpCookies().
Constants
EMPTYNAME
:
String = "dw_emptyname__"
Default name for cookies with empty strings.
Properties
comment
:
String
The comment that was previously set for this cookie, or null if no comment was set. Note that comments
are no longer supported in RFC 6265 and will not be sent to clients. This method is maintained for backward
compatibility only.
Deprecated:
This method is maintained for backward compatibility only. Cookie comments were removed in RFC 6265 and are no longer sent to clients. The returned value only reflects what was previously set using setComment(String).
domain
:
String
The domain associated with the cookie.
maxAge
:
Number
The maximum age of the cookie, specified in seconds.
By default, -1 indicating the cookie will persist until client shutdown.
name
:
String
(Read Only)
The cookie's name.
path
:
String
The path for the cookie.
value
:
String
The cookie's value.
version
:
Number
The version that was previously set for this cookie. Note that the version is no longer used for
determining cookie compliance as the system now uses RFC 6265 by default. The returned value only reflects what
was previously set using setVersion(Number).
Deprecated:
This method is maintained for backward compatibility only. The version property is no longer used as the system now uses RFC 6265 compliance by default. The returned value has no effect on cookie behavior.
Constructor Summary
Method Summary
getComment()
:
String
Returns the comment that was previously set for this cookie, or null if no comment was set.
getSecure()
:
boolean
Identifies if the cookie is secure.
getVersion()
:
Number
Returns the version that was previously set for this cookie.
isHttpOnly()
:
boolean
Identifies if the cookie is http-only.
setComment(comment
:
String)
:
void
Sets a comment associated with this cookie.
setHttpOnly(httpOnly
:
boolean)
:
void
Sets the http-only state for the cookie.
setSecure(secure
:
boolean)
:
void
Sets the secure state for the cookie.
setVersion(version
:
Number)
:
void
Returns the version that was previously set for this cookie.
Methods inherited from class
Object
assign, create, create, defineProperties, defineProperty, entries, freeze, fromEntries, getOwnPropertyDescriptor, getOwnPropertyNames, getOwnPropertySymbols, getPrototypeOf, hasOwnProperty, is, isExtensible, isFrozen, isPrototypeOf, isSealed, keys, preventExtensions, propertyIsEnumerable, seal, setPrototypeOf, toLocaleString, toString, valueOf, values
Constructor Detail
Method Detail
getComment
getComment()
:
String
Returns the comment that was previously set for this cookie, or null if no comment was set. Note that comments
are no longer supported in RFC 6265 and will not be sent to clients. This method is maintained for backward
compatibility only.
API Versioned:
No longer available as of version 99.2.
This method is deprecated and will be removed in the next API version.
Deprecated:
This method is maintained for backward compatibility only. Cookie comments were removed in RFC 6265 and are no longer sent to clients. The returned value only reflects what was previously set using setComment(String).
Returns:
the comment that was previously set, or null if no comment was set
getDomain
getDomain()
:
String
Returns the domain associated with the cookie.
Returns:
the domain associated with the cookie.
getMaxAge
getMaxAge()
:
Number
Returns the maximum age of the cookie, specified in seconds.
By default, -1 indicating the cookie will persist until client shutdown.
Returns:
an integer specifying the maximum age of the cookie in seconds; if negative, means the cookie persists until client shutdown
getSecure
getSecure()
:
boolean
Identifies if the cookie is secure.
Returns:
true if the cookie is secure, false otherwise.
getVersion
getVersion()
:
Number
Returns the version that was previously set for this cookie. Note that the version is no longer used for
determining cookie compliance as the system now uses RFC 6265 by default. The returned value only reflects what
was previously set using setVersion(Number).
API Versioned:
No longer available as of version 99.2.
This method is deprecated and will be removed in the next API version.
Deprecated:
This method is maintained for backward compatibility only. The version property is no longer used as the system now uses RFC 6265 compliance by default. The returned value has no effect on cookie behavior.
Returns:
the version number that was set, or 0 if no version was explicitly set
isHttpOnly
isHttpOnly()
:
boolean
Identifies if the cookie is http-only.
Returns:
true if the cookie is http-only, false otherwise.
setComment
setComment(comment
:
String)
:
void
Sets a comment associated with this cookie. Note that comments are no longer sent to clients as they were removed
in RFC 6265. This method is maintained for backward compatibility but has no effect on the cookie's behavior.
API Versioned:
No longer available as of version 99.2.
This method is deprecated and will be removed in the next API version.
Deprecated:
This method is maintained for backward compatibility only. Cookie comments were removed in RFC 6265 and will not be sent to clients. The value will be stored but has no effect on cookie behavior.
Parameters:
comment
-
the comment to associate with the cookie (ignored)
setDomain
setDomain(domain
:
String)
:
void
Sets the domain associated with the cookie.
Parameters:
domain
-
the comment associated with the cookie.
setHttpOnly
setHttpOnly(httpOnly
:
boolean)
:
void
Sets the http-only state for the cookie.
Parameters:
httpOnly
-
sets http-only state for the cookie.
setMaxAge
setMaxAge(age
:
Number)
:
void
Sets the maximum age of the cookie in seconds.
A positive value indicates that the cookie will expire after that many
seconds have passed. Note that the value is the maximum age when the
cookie will expire, not the cookie's current age.
A negative value means that the cookie is not stored persistently and
will be deleted when the client exits. A zero value causes the
cookie to be deleted.
Parameters:
age
-
an integer specifying the maximum age of the cookie in seconds; if negative, means the cookie is not stored; if zero, deletes the cookie
setPath
setPath(path
:
String)
:
void
Sets the path for the cookie.
Parameters:
path
-
the path for the cookie.
setSecure
setSecure(secure
:
boolean)
:
void
Sets the secure state for the cookie.
Parameters:
secure
-
sets secure state for the cookie.
setValue
setValue(value
:
String)
:
void
Sets the cookie's value.
Parameters:
value
-
the value to set in the cookie.
setVersion
setVersion(version
:
Number)
:
void
Returns the version that was previously set for this cookie. Note that the version is no longer used for
determining cookie compliance as the system now uses RFC 6265 by default. The returned value only reflects what
was previously set using setVersion(Number).
API Versioned:
No longer available as of version 99.2.
This method is deprecated and will be removed in the next API version.
Deprecated:
This method is maintained for backward compatibility only. The version property is no longer used as the system now uses RFC 6265 compliance by default. The returned value has no effect on cookie behavior.
Parameters:
version
-
No Comment In JavaDoc
Returns:
the version number that was set, or 0 if no version was explicitly set
© Copyright 2000-2026, salesforce.com inc. All rights reserved. Various trademarks held by their respective owners.