Set an HTTP Cookie
Set a custom HTTP cookie
Description
When this step is executed, a cookie string is set that includes the specified parameters and the cookie string is sent back to the HTTP client in the next response.
Configuration
Field | Description |
---|---|
Name | Expression that yields the name used to identify the cookie. |
Value | Expression that yields the value to assign to the cookie. |
Cookie Type | Property which determines the validity period/scope of the cookie. A Session Cookie is valid for the current session and is deleted when the client application closes, while a Persistent Cookie is stored even after the client application closes and it expires after a specified period of time (in seconds) or specified date/time. |
Max Age | Expiration period in seconds for a persistent cookie. Cookie expiration may be configured using either Max Age or Expires (but not both). |
Expires | Expression for the expiration date and time of a persistent cookie. It may yield either an epoch time in milliseconds (e.g., @time.now) or an ISO 8601 formatted string. Cookie expiration may be configured using either Max Age or Expires (but not both). |
Domain | Expression that yields an optional list of domains to which the cookie is allowed to be sent (specified in the syntax described in RFC6265). If specified, the cookies are available on the server and its subdomains. If unspecified, the cookies are available on the server but not on its subdomains. |
Path | Expression that yields an optional list of paths to which the cookie is allowed to be sent (specified in the syntax described in RFC6265). |
Secure | Select Yes to only allow the cookie to be sent to the server via secure connections. Cookie will only be sent to the server when a request is made using SSL and the HTTPS protocol. |
HTTP Only | Select Yes to make the cookie only accessible via HTTP. Cookie will not be accessible via JavaScript through the Document.cookie property, the XMLHttpRequest API, or the Request API. |
Same Site | SameSite policy used to prevent browsers from sending the cookie together with cross-site requests. Default is Disabled.
|