Atozed Forums

Full Version: Tracking cookies
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
Hi Alexandre,

Finally I upgraded a very old application from Delphi 2010 to Sydney. Of course the Intraweb version changed accordingly. 

I noticed (and Haproxy did) the session tracking cookie IW_CustomTrackID has changed in something else (referencing the application). Is it possible to add (globally) an extra sessionrelated cookie by the name IW_CustomTrackID ? 

best regards,
Gerrit
Are you looking for IW plumbing for cookies? Try
webapplication.Response.Cookies.Add()
webapplication.Request.CookieFields.Values[]

etc.

There may be example code in the demos but I'll have to look later.

Dan
Hi Dan,

Thanks for your quick reply. I had already found a solution like this one, but when I include it in an IWAppFormCreate or IWAppFormRender of a form or in the IWUserSessionBaseCreate of a user session, I don't see my cookies appear.

I'm not sure a cookie added to the WebApplication.Response will last for the whole usersession ? Where best (preferably for all the forms in my application at the same time) to include such a statement ?

Webapplication.Response.Cookies.Add(THttpCookie.create('gerrit','test',webapplication.cookiepath,-1,true,true)));

(I tried it without HttpOnly and secure options as well...)

best greeting,
Gerrit

Hi Dan,

After a short night's sleep, the best ideas emerge. I came up with this myself...

The -1 resulted in an already expired cookie. I now use 0 to make it a session cookie. The cookie is added once in the IWServerControllerBaseGetSessionID of the servercontroller. After assigning a new session ID, I create the cookie, which will be there throughout the whole session in all forms. My Haproxy configuration, still supporting the old IW_CustomTrackID, now knows how to handle these new sessions as well.

procedure TIWServerController.IWServerControllerBaseGetSessionID
(ASession: TIWApplication; var VNewSessionID: string);
begin
VNewSessionID := ....; // Do here whatever you like
Asession.ResetApplicationID; // Not sure this is needed, but it works ;-)
Asession.Response.Cookies.AddCookie('IW_CustomTrackID',VnewSessionID,'',0,true,true); // Defining the IW_CustomTrackID cookie
end;

Thanks for your inspiration ! Have a great day

best regards,
Gerrit
Yes, -1 = expired and 0 = session.

Glad you solved it, thanks for following up.
The third parameter (you are setting 0 for session cookie) is "ExpireOn". So, you can set that for the date/time you wish for the cookie to expire if you want to leave a cookie for another session later.

It is TDateTime format using UTC. You can get the current time (Now equivalent GMT) as:
(GMTST: Windows.TSystemTime)
windows.GetSystemTime(GMTST);
result:=Sysutils.SystemTimeToDateTime(GMTST);

Dan
(01-05-2021, 06:21 AM)gerritschurer Wrote: [ -> ]Hi Dan,

Thanks for your quick reply. I had already found a solution like this one, but when I include it in an IWAppFormCreate or IWAppFormRender of a form or in the IWUserSessionBaseCreate of a user session, I don't see my cookies appear.

I'm not sure a cookie added to the WebApplication.Response will last for the whole usersession ? Where best (preferably for all the forms in my application at the same time) to include such a statement ?

Webapplication.Response.Cookies.Add(THttpCookie.create('gerrit','test',webapplication.cookiepath,-1,true,true)));

(I tried it without HttpOnly and secure options as well...)

best greeting,
Gerrit

Hi Dan,

After a short night's sleep, the best ideas emerge. I came up with this myself...

The -1 resulted in an already expired cookie. I now use 0 to make it a session cookie. The cookie is added once in the IWServerControllerBaseGetSessionID of the servercontroller. After assigning a new session ID, I create the cookie, which will be there throughout the whole session in all forms. My Haproxy configuration, still supporting the old IW_CustomTrackID, now knows how to handle these new sessions as well.

procedure TIWServerController.IWServerControllerBaseGetSessionID
  (ASession: TIWApplication; var VNewSessionID: string);
begin
    VNewSessionID := ....;  // Do here whatever you like
    Asession.ResetApplicationID;  // Not sure this is needed, but it works ;-)
    Asession.Response.Cookies.AddCookie('IW_CustomTrackID',VnewSessionID,'',0,true,true); // Defining the IW_CustomTrackID cookie
end;

Thanks for your inspiration ! Have a great day

best regards,
Gerrit

Hi Gerrit,

Not sure exactly what your requirements are...

ResetApplicationID method forces IW to generate a new session ID for the session, but in your example, it shouldn't be needed at all (because the session manager has just generated a fresh session ID before triggering that event).
Are you assigning a new VNewSessionID on that line (where there is a comment // Do here whatever you like)?