How to send a cookie after response.sendRedirect ()?

Question

How to send a cookie after response.sendRedirect ()?

I am redirecting the user to some kind of URL and I want to send him a cookie:

Cookie cookie = new Cookie("CADASTROADM", "someValue"); cookie.setPath("/"); cookie.setMaxAge(129600); //With it or without, makes no difference. URL urlToRedirect = new URL(pageToRedirect); cookie.setDomain(urlToRedirect.getHost());//With it or without, makes no difference. response.addCookie(cookie); response.sendRedirect(pageToRedirect);

However, when it is redirected to the page, the cookie does not exist. I cannot use requestDispatcher.forward () because I am redirecting the user to an absolute page.

Is it possible? What am I doing wrong?

+4

java redirect cookies servlets

thevoyager Aug 08 '12 at 20:46

source share

1 answer

Balusc · Accepted Answer · 2012-08-09T00:44:19+0000

Cookies can be set either only for the same domain or subdomain where the request is sent. Otherwise, it is a huge security hole.

So, if you are redirected to another domain, then the cookie will be unavailable. If you explicitly set a cookie domain for this other domain, it will be ignored. If you do not explicitly set a cookie domain (and thus, by default the same domain where the request was sent), it will be available only for the current domain, and not for the redirected domain.

You need to look for alternative methods, depending on the specific functional requirement. It is hard to imagine, since you did not say anything about a specific functional requirement in your question. Perhaps you just need to send a specific request parameter along?

How to send a cookie after response.sendRedirect ()?

More articles: