Skip navigation
Currently Being Moderated

cfcookie not working (CF9)

Nov 23, 2011 10:10 AM

I use this line of CF code to set new cookies :

<cfcookie name="PLARTS_MAIL_USERNAME" value="#trim(form.username)#" expires="410">

 

And i cannot see my cookie in FireFox , or readding it with Javascript,

or using CF read with : <cfparam name="cookie.PLARTS_MAIL_USERNAME" type="string" default="" />

 

It always return "blanc" , not existing.

(I can see other cookies from other Sites).

 

Any idea ? any help thanks.

 
Replies
  • Currently Being Moderated
    Nov 23, 2011 10:39 AM   in reply to plarts

    What happens if you dump out your COOKIE scope immediately after setting it?

    <cfcookie name="PLARTS_MAIL_USERNAME" value="#trim(form.username)#" expires="410">
    <cfdump var="#COOKIE#">

     

     

    Also, you're not doing a <cflocation> on the same page that you are setting your cookie are you?

     
    |
    Mark as:
  • Currently Being Moderated
    Nov 23, 2011 11:58 AM   in reply to plarts

    There are typically 2 common reasons why cookies do not get set in CF applications:

     

    1. The developer is trying to set a cookie and then performs a cflocation redirect.  In this case, the redirect command is sent to the browser and the browser never receives the cookie set command
    2. The user's browser rejects the cookie due to security/privacy issues.  Typically you will see this if the site is missing a P3P privacy policy - many modern browsers reject cookies outright from sites that don't declare their intentions on how they want to use the data.
     
    |
    Mark as:
  • Currently Being Moderated
    Nov 23, 2011 12:41 PM   in reply to plarts

    I think we'd have to see some sample code in order to offer any additional suggestions at this point.

     
    |
    Mark as:
  • Currently Being Moderated
    Nov 24, 2011 4:58 AM   in reply to plarts

    plarts wrote:

     

    I use this line of CF code to set new cookies :

    <cfcookie name="PLARTS_MAIL_USERNAME" value="#trim(form.username)#" expires="410">

     

    And i cannot see my cookie in FireFox , or readding it with Javascript,

    or using CF read with : <cfparam name="cookie.PLARTS_MAIL_USERNAME" type="string" default="" />

     

    It always return "blanc" , not existing.

    (I can see other cookies from other Sites).

     

    Two points:

    1) If your application file is Application.cfm, then give the attribute setClientCookies (in the cfapplication tag) the value "yes". If you're using Application.cfc instead, then give this.setClientCookies the value "yes".

     

    2) I created the following 2 CFM pages, and ran testPage.cfm. It works!

     

    cookiePage.cfm

    <cfcookie name="bkbk" value="testing testing 1, 2, 3" expires="10">

     

    testPage.cfm

    <cfinclude template="cookiePage.cfm">

    <cfdump var="#cookie#">

     
    |
    Mark as:
  • Dave Watts
    747 posts
    Mar 11, 2003
    Currently Being Moderated
    Nov 24, 2011 3:16 PM   in reply to insuractive

    There are typically 2 common reasons why cookies do not get set in CF applications:

     

    1. The developer is trying to set a cookie and then performs a cflocation redirect.  In this case, the redirect command is sent to the browser and the browser never receives the cookie set command

     

    This has not been true in CF for quite some time. Modern versions of CF can set a cookie and a redirect header in the same HTTP response. Also, this was a limitation in earlier versions of CF, rather than a browser limitation.

     

    Dave Watts, CTO, Fig Leaf Software

     
    |
    Mark as:
  • Currently Being Moderated
    Nov 25, 2011 12:00 AM   in reply to plarts

    plarts wrote:

    ...

    outside my application, all is working well. (small testing)

    Inside my application, not.

     

    ...

     

    In same application, I use another cookie elsewhere, all is working fine.

    It is confusing what you describe as "inside" and "outside" of your application. Could you please explain how you tell the difference. It might be that one part of your code is setting the cookie, whereas another is deleting it.

     
    |
    Mark as:
  • Currently Being Moderated
    Nov 25, 2011 6:15 AM   in reply to plarts

    plarts wrote:

     

    Outside the application, means individual programs for testing, working well.

    Inside the application, means among more complex programs, where cookies are deleted after having been created

    when going to another page. And no command for deleting these Cookies exist.

    I see now. I will recommend that you create a session variable right after setting the cookie, for example,

     

    <cfset session.testVar = "Session test">

     

    Then test (at the same page where you test for cookies) to see whether the session variable is disappearing as well.

     
    |
    Mark as:
  • Currently Being Moderated
    Nov 26, 2011 4:42 AM   in reply to plarts

    plarts wrote:

     

    At same time, same page, some session variables are set,

    but they do not desappear.

    Your application therefore maintains session from one page to the next. That could only have happened because the session cookies CFID and CFToken were not deleted. So we know at least some cookies survive.

     

    To return to the beginning, what are you using to view the cookies? As Insuractive rightly said, a browser can, for whatever reason, exclude cookies. So your problem could very well be caused by the browser. What's the browser type?

     

    To rule this out as a ColdFusion problem, we will have to return to another of Insuractive's suggestions: cfdump. On the page where you create the cookies, using your cfset statement, add <cfdump var="#cookie#"> afterwards. Remove the cfparam line.

     

    On every page that you wish to test, add: <cfdump var="#cookie#">.

    What do the dumps reveal?

     
    |
    Mark as:
  • Currently Being Moderated
    Nov 27, 2011 11:53 PM   in reply to plarts

    plarts wrote:

     

    (except : CFID, CFTOKEN, CFGLOBALS)

    i do not know what is CFGLOBALS ?

     

    That means you have enabled the use of client variables and have instructed ColdFusion to store client variables as cookies. ColdFusion would then create the cookies CFID, CFToken and CFGlobals. CFGlobals stores the following global data about the client: HitCount, TimeCreated and LastVisit.

     

    plarts wrote:

     

    Well, I tried this,

    With IE8 , at next page , the login cookies are lost.

    an other cookie for something else is kept. (still alive)

    Close/Open the browser, the other cookie is still there.

     

    With FireFox V8,

    at next page the login cookies are lost, the other is still alive.

    Close/Open the brower, the other cookie is lost. (all lost)

     

    This suggests that your code likely does a cflocation in the same request that creates the login cookie. Insuractive and Dave Watts have mentioned this, too. One more evidence of cflocation is the fact that your cookie code uses a form-variable. This implies that the cookie tag is in the form's action page, before redirection (assuming, of course, there is a redirection).

     

    Check your code for cflocation. The logical place to find it: just after the login validation.

     
    |
    Mark as:
  • Currently Being Moderated
    Nov 27, 2011 11:59 PM   in reply to BKBK

    Assume, following my last post, that cflocation is indeed the cause. Then it requires just a minor change to fix the issue. Something like this

     

    <!--- Login processing and validation. --->

    <!--- Set flag isLoginSuccessful to false, by default. If login succeeds, set it to true --->

    ...

    ...

    <cfset session.username = "">

    <cfif isLoginSuccessful>

        <cfset session.username = trim(form.username)>

        <cflocation url="loginSuccess.cfm">

    </cfif>

    <!--- code to handle case where login failed --->

    ...

    ...

    etc., etc.

     

     

    loginSuccess.cfm


    <cfif isDefined("session.username") and session.username is not "">

       <!--- set 28-day cookie --->

        <cfcookie name="PLARTS_MAIL_USERNAME" value="#session.username#" expires="28">

    </cfif>

     
    |
    Mark as:
  • Currently Being Moderated
    Nov 28, 2011 4:58 AM   in reply to plarts

    Ah, IFrames. This immediately got me thinking about the third-party-cookie problem. What happens when you add the following header to Application.cfm (or alternatively to the onRequeststart method of Application.cfc)?

     

    <cfheader name="P3P" value="CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'">

     
    |
    Mark as:
  • Currently Being Moderated
    Nov 28, 2011 10:45 AM   in reply to plarts

    Incidentally, rename the file Application.cfm

     
    |
    Mark as:
  • Currently Being Moderated
    Nov 28, 2011 12:59 PM   in reply to plarts

    Documentation for <cfflush>:

     

    http://livedocs.adobe.com/coldfusion/8/htmldocs/help.html?content=Tags _f_12.html

     

    Using cfflush prevents any cokies from being set. Makes sense since you are flushing content (including header content) to the browser in a way that probably interferres with normal cookie setting.

     
    |
    Mark as:
  • Currently Being Moderated
    Nov 28, 2011 11:19 PM   in reply to plarts

    plarts wrote:

     

     

    Then I found it :  a CFFLUSH

     

    I have a <cfflush interval=10>

     

    with it, I loose the cookies, if I take it out

    I keep the cookies.

     

    Well done! (I am embarrassed I didn't think of cfflush when you dismissed cflocation)

     
    |
    Mark as:
  • Currently Being Moderated
    Nov 29, 2011 6:19 AM   in reply to plarts

    A common model that many developers use in these cases is to change from a completely CF server-side process to an AJAX-based hybrid of HTML, JavaScript and ColdFusion.

     

    i.e.

     

    1) Your user screen performs an asynchronous request to the CF page responsible for the mail POP using JavaScript

    2) While the request is running, the user screen displays a loading message/graphic

    3) Behind the scenes, your CF page performs the mail POP and returns the data (HTML, JSON, WDDX, etc)

    4) Your user screen receives the response via the AJAX success handler and displays the information to the user.

     

    jQuery makes this whole thing very easy to do, but there are other JavaScript libraries and methods that accomplish the same thing.

     
    |
    Mark as:

More Like This

  • Retrieving data ...

Bookmarked By (0)

Answers + Points = Status

  • 10 points awarded for Correct Answers
  • 5 points awarded for Helpful Answers
  • 10,000+ points
  • 1,001-10,000 points
  • 501-1,000 points
  • 5-500 points