Cookie Manager

The purpose of the Cookie Manager is to make it possible for you to obtain consent to storing and retrieving data using cookies. This is necessary to comply with a number of different EU directives concerning the right to privacy online.

With the Cookie Manager, you can show explicit and granular information to website users about cookies and cookie categories, before asking them to accept one or more cookies. The Cookie Manager is available from Settings > Web & HTTP > Cookie Manager (Figure 1.1).

Figure 1.1 The Cookie Manager

To use the Cookie Manager:

  • Check Enable cookie manager
  • Select either Template based warnings and a Template (recommended) or Custom. You can also select a template at the website level using the cookies button in the Websites app. This will override the template set here.

After seleting the rendering method, use the Settings (Figure 1.2) to configure the Cookie Manager.

Figure 1.2 Managing cookies

You can:

  • Specify the cookie lifetime for the cookie which stores the visitors opt-in choices
  • Check Disable HttpOnly flag on all cookies to disable the HttpOnly flag being set on all cookies – this is not recommended as it presents a possible security threat
  • Mark some of the cookies as secure cookies – these cookies are only set when the website is accessed via https

Finally, you can add custom cookies to the list – this is only necessary if your cookie is set via custom code. Cookies set via our API (using the CookieManager.SetCookie method) are added to the list automatically.

Below the general settings, a selector allows you to mark some cookies as Tracking cookies. If you need more categories (and you typically do), you can create custom cookie categories – see below.

Secure Cookies & HTTPS

If you blindly enable secure cookies without using HTTPS your backend will break or misbehave as many backend features rely on specific cookies such as TreeShopFilter being set. So don't enable secure cookies without using https.

Cookies can be categorized – as e.g. Marketing cookies, Essential cookies, and so on – which makes it possible to group them appropriately in frontend when asking users to opt-in. A category is basically just a label which is created under Settings > Web and HTTP > Cookie Manager > Cookie categories.

Once the category has been created, a new cookie selector is shown in the cookie manager (Figure 3.1). Simply move cookies from the left-hand column to the right hand column to include it in the category. If a cookie is a member of two categories, both must be accepted in frontend before the cookie is set.

Figure 3.1 A selector for a Cookie Category

Here is an overview of the cookies set by Dynamicweb:

Cookie name

Set by

Used for

Notes

Dynamicweb

Dynamicweb

Functional cookie

Expires 1 year from last visit

Dynamicweb.Session

Dynamicweb

Stores information about the tracking session

Expires after 30 minutes

Dynamicweb.SessionVisitor

Dynamicweb

This cookie stores session information and profiling information used by a the old statistics implementation

Expires 30 minutes after last pageview

Dynamicweb.CookieOptInLevel

Dynamicweb

Set by the cookie manager, contains information about which types of cookies a user allows the system to set.

 

DW_Extranet

Extranet app

This cookie saves a username and password if remember username/password is set. It also remembers autologin.

 

Depending on circumstances, it is also used to store the UserID of the user who is being impersonated by this user

 

DW_ExtranetSessionCookie

Extranet app

This cookie saves a username and a password for the duration of the session

 

Depending on circumstances, it is also used to store the UserID of the user who is being impersonated by this user

HttpOnly = true

Expires when user logs off

Ecom.SelectedLangID.Frontend

 

Ecommerce

Sets the selected ecommerce language for frontend users.

 

EcomCart:CustomCartContext

Ecommerce

Sets the persistent cart context

 

Dynamicweb:Ecom:Notification

Ecommerce

Saves email in cookie to check for back-in-stock notifications registered by anonymous visitors

Expires after 7 days

Dynamicweb:Ecom:Cart:CartSavedFor Later

Ecommerce

Saves the IDs of products removed from cart – they may then be renderes elsewhere using a loop.

 

Dynamicweb:Ecom:Cart

Dynamicweb:Ecom:Cart*

Ecommerce

Saves information about the current cart for anonymous and logged in users – for logged in users the cookie will be called Dynamicweb:Ecom:Cart{UserId}.

 

If order contexts are used the cookie name will also include the name of the order context, e.g. Dynamicweb:Ecom:Cart.OrderContext1.

 

BasicForum

Forum app

Saves data related to subscribing/unsubscribing from a forum thread or category

Expires after 360 days

Personalize

News v2 app

Saves a NewsID of a news item which is set to be rendered in a personalized manner.

Hardcoded to expire 4/7/2037

 

Newsv2 is deprecated

Favorites

News v2 app

If the Personalize cookie is set, this cookie is saved when a personalized template is rendered. – seems to have no content

Expires after 1 month

 

Newsv2 is deprecated

 The following cookies are set by the Dynamicweb Administration (backend):

Cookie name

Set by

Used for

Notes

DownloadToken

File Manager

Set by the file manager in backend when a folder is zipped and downloaded

 

ListUsersPageNumber{Id}

User management

Set to remember which page on a given list of users a backend user is currently viewing.

 

ListUsersPageSize{Id}

User management

Set to remember the total number of pages on a list of users browsed in backend.

 

TreeResetStateRequested

TreeShopFilter

TreeShopFilterApplied

TreeNavigateToNode

Ecommerce

Set by the Ecommerce tree in backend to remember most recently selected shops, filters, groups, etc.

 

Ecom.SelectedLangID.Backend

Ecommerce

Sets the selected Ecommerce language for backend use.

 

Login

Dynamicweb

This cookie is used to remember various properties for users who log into backend, e.g. the selected area, language, and  to remember where in the backend they were if they were logged out and is logging in again