Cookie Manager

The purpose of the Cookie Manager is to make it possible for you to obtain consent to storing and retrieving data using cookies. This is necessary to comply with a number of different EU directives concerning the right to privacy online.

With the Cookie Manager, you can show explicit and granular information to website users about cookies and cookie categories, before asking them to accept one or more cookies. The Cookie Manager is available from Settings > Web & HTTP > Cookie Manager (Figure 1.1).

Figure 1.1 The Cookie Manager

To use the Cookie Manager:

Check Enable cookie manager
Select either Template based warnings and a Template (recommended) or Custom. You can also select a template at the website level using the cookies button in the Websites app. This will override the template set here.

After seleting the rendering method, use the Settings (Figure 1.2) to configure the Cookie Manager.

Figure 1.2 Managing cookies

You can:

Specify the cookie lifetime for the cookie which stores the visitors opt-in choices
Check Disable HttpOnly flag on all cookies to disable the HttpOnly flag being set on all cookies – this is not recommended as it presents a possible security threat
Mark some of the cookies as secure cookies – these cookies are only set when the website is accessed via https

Finally, you can add custom cookies to the list – this is only necessary if your cookie is set via custom code. Cookies set via our API (using the CookieManager.SetCookie method) are added to the list automatically.

Below the general settings, a selector allows you to mark some cookies as Tracking cookies. If you need more categories (and you typically do), you can create custom cookie categories – see below.

Secure Cookies & HTTPS

If you blindly enable secure cookies without using HTTPS your backend will break or misbehave as many backend features rely on specific cookies such as TreeShopFilter being set. So don't enable secure cookies without using https.

Cookie Categories

Cookies can be categorized – as e.g. Marketing cookies, Essential cookies, and so on – which makes it possible to group them appropriately in frontend when asking users to opt-in. A category is basically just a label which is created under Settings > Web and HTTP > Cookie Manager > Cookie categories.

Once the category has been created, a new cookie selector is shown in the cookie manager (Figure 3.1). Simply move cookies from the left-hand column to the right hand column to include it in the category. If a cookie is a member of two categories, both must be accepted in frontend before the cookie is set.

Figure 3.1 A selector for a Cookie Category

Dynamicweb Cookies

Here is an overview of the cookies set by Dynamicweb:

Cookie name	Set by	Used for	Notes
Dynamicweb	Dynamicweb	Functional cookie	Expires 1 year from last visit
Dynamicweb.Session	Dynamicweb	Stores information about the tracking session	Expires after 30 minutes
Dynamicweb.SessionVisitor	Dynamicweb	This cookie stores session information and profiling information used by a the old statistics implementation	Expires 30 minutes after last pageview
Dynamicweb.CookieOptInLevel	Dynamicweb	Set by the cookie manager, contains information about which types of cookies a user allows the system to set.
DW_Extranet	Extranet app	This cookie saves a username and password if remember username/password is set. It also remembers autologin. Depending on circumstances, it is also used to store the UserID of the user who is being impersonated by this user
DW_ExtranetSessionCookie	Extranet app	This cookie saves a username and a password for the duration of the session Depending on circumstances, it is also used to store the UserID of the user who is being impersonated by this user	HttpOnly = true Expires when user logs off
Ecom.SelectedLangID.Frontend	Ecommerce	Sets the selected ecommerce language for frontend users.
EcomCart:CustomCartContext	Ecommerce	Sets the persistent cart context
Dynamicweb:Ecom:Notification	Ecommerce	Saves email in cookie to check for back-in-stock notifications registered by anonymous visitors	Expires after 7 days
Dynamicweb:Ecom:Cart:CartSavedFor Later	Ecommerce	Saves the IDs of products removed from cart – they may then be renderes elsewhere using a loop.
Dynamicweb:Ecom:Cart Dynamicweb:Ecom:Cart*	Ecommerce	Saves information about the current cart for anonymous and logged in users – for logged in users the cookie will be called Dynamicweb:Ecom:Cart{UserId}. If order contexts are used the cookie name will also include the name of the order context, e.g. Dynamicweb:Ecom:Cart.OrderContext1.
BasicForum	Forum app	Saves data related to subscribing/unsubscribing from a forum thread or category	Expires after 360 days
Personalize	News v2 app	Saves a NewsID of a news item which is set to be rendered in a personalized manner.	Hardcoded to expire 4/7/2037 Newsv2 is deprecated
Favorites	News v2 app	If the Personalize cookie is set, this cookie is saved when a personalized template is rendered. – seems to have no content	Expires after 1 month Newsv2 is deprecated

The following cookies are set by the Dynamicweb Administration (backend):

Cookie name	Set by	Used for	Notes
DownloadToken	File Manager	Set by the file manager in backend when a folder is zipped and downloaded
ListUsersPageNumber{Id}	User management	Set to remember which page on a given list of users a backend user is currently viewing.
ListUsersPageSize{Id}	User management	Set to remember the total number of pages on a list of users browsed in backend.
TreeResetStateRequested TreeShopFilter TreeShopFilterApplied TreeNavigateToNode	Ecommerce	Set by the Ecommerce tree in backend to remember most recently selected shops, filters, groups, etc.
Ecom.SelectedLangID.Backend	Ecommerce	Sets the selected Ecommerce language for backend use.
Login	Dynamicweb	This cookie is used to remember various properties for users who log into backend, e.g. the selected area, language, and to remember where in the backend they were if they were logged out and is logging in again