ad_set_cookie (public)

 ad_set_cookie [ -replace replace ] [ -secure secure ] \
    [ -expire expire ] [ -max_age max_age ] [ -domain domain ] \
    [ -path path ] [ -discard discard ] [ -scriptable scriptable ] \
    [ -samesite samesite ] name [ value ]

Defined in packages/acs-tcl/tcl/utilities-procs-naviserver.tcl

Sets a cookie. Cookies are name/value pairs stored in a client's browser and are typically sent back to the server of origin with each request.

Switches:
-replace (optional, defaults to "f")
forces the current output headers to be checked for the same cookie. If the same cookie is set for a second time without the replace option being specified, the client will receive both copies of the cookie.
-secure (optional, defaults to "f")
specifies to the user agent that the cookie should only be transmitted back to the server of secure transport.
-expire (optional, defaults to "f")
specifies whether we should expire (clear) the cookie. Setting Max-Age to zero ought to do this, but it doesn't in some browsers (tested on IE 6).
-max_age (optional)
specifies the maximum age of the cookies in seconds (consistent with RFC 2109). max_age "inf" specifies cookies that never expire. The default behavior is to issue session cookies.
-domain (optional)
specifies the domain(s) to which this cookie applies. See RFC2109 for the semantics of this cookie attribute.
-path (optional, defaults to "/")
specifies a subset of URLs to which this cookie applies. It must be a prefix of the URL being accessed.
-discard (optional, defaults to "f")
instructs the user agent to discard the cookie when the user agent terminates.
-scriptable (optional, defaults to "t")
If the scriptable option is false or not given the cookie is unavailable to JavaScript on the client. This can prevent cross site scripting attacks (XSS) on clients which support the HttpOnly option. Set -scriptable to true if you need to access the cookie via javascript. For compatibility reasons with earlier versions, OpenACS 5.8 has the default set to "true". OpenACS 5.9 will have the flag per default set to "false".
-samesite (optional, defaults to "none")
Parameters:
name (required)
value (optional)
is automatically URL encoded.
See Also:

Partial Call Graph (max 5 caller/called nodes):
%3 test_cookie_consent__setup cookie_consent__setup (test cookie-consent) ad_set_cookie ad_set_cookie test_cookie_consent__setup->ad_set_cookie test_test_set_cookie_procs test_set_cookie_procs (test acs-tcl) test_test_set_cookie_procs->ad_set_cookie acs::icanuse acs::icanuse (public) ad_set_cookie->acs::icanuse ad_set_signed_cookie ad_set_signed_cookie (public) ad_set_signed_cookie->ad_set_cookie lang::user::set_locale lang::user::set_locale (public) lang::user::set_locale->ad_set_cookie packages/acs-subsite/lib/user-new.tcl packages/acs-subsite/ lib/user-new.tcl packages/acs-subsite/lib/user-new.tcl->ad_set_cookie

Testcases:
test_set_cookie_procs, cookie_consent__setup
[ show source ]
Show another procedure: