SetCookie - cWebApp

Used to update a cookie key

Type: Procedure

Parameters: String sName String sValue Integer iOptExpires String sOptPath String sOptDomain Boolean bOptSecure Boolean bOptHttpOnly String sOptSameSite

ParameterDescription
sNameName of the cookie key
sValueNew value for the cookie key
iOptExpires(Optional) Number of hours before the cookie expires (0 = session).
sOptPath(Optional) A cookie can be placed for a specific path ('/' for the entire domain). Determines with which requests cookies are sent to the server.
sOptDomain(Optional) Domain for which the cookie is set.
bOptSecure(Optional) If True, the cookie is set as a secure cookie so it is only sent with HTTPS connections.
sOptHttpOnly(Optional) If True, the cookie is set as a http only cookie so that it is not accessible from JavaScript.
sOptSameSite(Optional) Specifies the SameSite attribute, defaults to "Lax" if omitted.


Syntax
Procedure SetCookie String sName String sValue Integer iOptExpires String sOptPath String sOptDomain Boolean bOptSecure Boolean bOptHttpOnly String sOptSameSite

Call: Send SetCookie sName sValue iOptExpires sOptPath sOptDomain bOptSecure bOptHttpOnly sOptSameSite


Description

SetCookie is used to update a cookie key's value and expiration time.

Note that SetCookie adds the Set-Cookie HTTP response header. This means that GetCookie will not return the new value until the next request.


SameSite Cookie Attribute

The SameSite attribute of the SetCookie HTTP response header allows you to declare if your cookie should be restricted to a first-party or same-site context.

Valid Values are:

ConstantMeaning
LaxCookies are not sent on normal cross-site subrequests (for example to load images or frames into a third party site), but are sent when a user is navigating to the origin site (i.e., when following a link).
StrictCookies will only be sent in a first-party context and not be sent along with requests initiated by third party websites.
NoneCookies will be sent in all contexts, i.e. in responses to both first-party and cross-site requests. If SameSite=None is set, the cookie Secure attribute must also be set (or the cookie will be blocked).


You can set the SameSite attribute of a cookie in the sOptSameSite parameter. The default value of sOptSameSite (if omitted) is "Lax".

See Also

psSessionCookieSameSite | psSessionCookieName | psSessionCookiePath | psSessionCookieDomain