CF is not for Cookies

While ColdFusion uses cookies in some sophisticated ways (tracking sessions and what not), I found out today that because CF is case insensitive, it is inept at tracking cookies in certain situations.

Say that you have a user interface that uses a JS effects set to do some AJAX loads, but you want the changes made on one page to persist to another. Sounds like a job for cookies to me, and being equally, if not more, smart then me, you use them too.

You code and code, and suddenly one of your cookies completely stops paying attention to you. You set it in JS, you set it in CF... nothing. Then you notice that there are two of the cookie showing up in your list, and you find that you've created 2 cookies on accident, with different cases. CF has no understanding of what to do with this at all. I created an example using the cookie functions found at Quirksmode, the basis of which is:


<script>
    function createCookie(name,value,days) {
        if (days) {
            var date = new Date();
            date.setTime(date.getTime()+(days*24*60*60*1000));
            var expires = "; expires="+date.toGMTString();
        }
        else var expires = "";
        document.cookie = name+"="+value+expires+"; path=/";
    }
    
    function readCookie(name) {
        var nameEQ = name + "=";
        var ca = document.cookie.split(';');
        for(var i=0;i < ca.length;i++) {
            var c = ca[i];
            while (c.charAt(0)==' ') c = c.substring(1,c.length);
            if (c.indexOf(nameEQ) == 0) return c.substring(nameEQ.length,c.length);
        }
        return null;
    }
    
    function eraseCookie(name) {
        createCookie(name,"",-1);
    }
    
    if ( !readCookie('DOG') ) {
        createCookie('DOG', 'barker', 4)
        createCookie('dog', 'test', 4)
        createCookie('Dog', 'test2', 4)
    }
    
    document.write('JS document.cookie string: '+document.cookie+'<br /><br />');
    document.write('JS dog:'+readCookie('dog')+'<br />');
    document.write('JS DOG:'+readCookie('DOG')+'<br />');
    document.write('JS Dog:'+readCookie('Dog')+'<br /><br />');
</script>
<cfif isDefined("cookie.dog")>
    <cfdump var="#cookie#" label="CF Cookie Scope">
    
    CF dog: <cfoutput>#cookie.dog#</cfoutput><br />
    CF DOG: <cfoutput>#cookie.DOG#</cfoutput><br />
    CF Dog: <cfoutput>#cookie.Dog#</cfoutput>
<cfelse>
    Refresh to see cookies. CF processes before the cookies are set.
</cfif>

Run it, then refresh the page.

CF sees all 3 "dog" permutations, but can't distinguish between them to display the value.

Further more, it looks like CF can't delete either "Dog" or "dog". Using the following code multiple times can only remove "DOG" and never touches "Dog".


    <cfcookie name="Dog" value="" expires="now"/>

Basically, because CF expects all cookies to be in UPPER CASE, it can't help you with any that are lower case unless you are trying to read the item AND you have only once instance of that cookie.

PS I know its a bad idea to have two cookies named the same thing with differing cases for design reasons. Thats why I gave an example of an accident causing the problem.

 

Comments

Jon Hartmann, July 2011

I'm Jon Hartmann and I'm a Javascript fanatic, UX/UI evangelist and former ColdFusion master. I blog about mysterious error messages, user interface design questions, and all things baffling and irksome about programming for the web.

Learn more about me.

Post a job. Find one. authenticjobs.com

Interested in becoming a sponsor? Contact me.