Set Response Cookie
With this behavior enabled, you can set a cookie to send with the response to the client.
How it works
There are two types of cookies you can set. You can either predetermine the cookie value or set a unique stamp:
- A fixed cookie that you can specify in this interface. The cookie is set on the end-user device only if it isn't already present.
- A unique cookie—the cookie value contains a unique representation of the time and origin for the cookie. You would generally configure this cookie to be used only if it isn't already present in the client request and client cookies are logged for each request. This may help you identify the number of unique users or analyze client sessions within a website.
Features and options
| Field | What it does | Sub-options |
|---|---|---|
| Cookie Name | Specify the name of the cookie, which serves as a key to determine if the cookie is set. | |
| Set Response Cookie | Enable or disable setting a response cookie. | |
| Type of Cookie | Specify the cookie type you want to assign. |
|
| Value | With Type of Cookie set to Fixed, you can specify the cookie value. | |
| Type of unique stamp | With Type of Cookie set to Unique, you can select the type of unique stamp. See Types of unique stamps for more details. |
|
| Domain | Select what domain type you want to use. |
|
| Cookie Domain | With the Domain set to Specific, you can set the domain for which the cookie is valid. For example, example.com makes the cookie valid for that hostname and all subdomains. | |
| Path | Select the path you want to use. |
|
| Cookie Path | With Path set to Specific, you can specify the path for which the cookie is valid. To use the current path, specify the {{builtin.AK_PATH}} variable. Only requests from the browser with a matching path, including subdirectories, will send the cookie in the request. | |
| Expiration | Specify when the cookie expires. |
|
| Expire Date | With Expiration set to Fixed Time/Date, you can set when the cookie expires as a UTC date and time. | |
| Duration | With Expiration set to Duration, you can set the cookie’s lifetime. | |
| SameSite | This option controls the SameSite cookie attribute that reduces the risk of cross-site request forgery attacks. |
|
| Secure | When enabled, sets the cookie’s Secure flag to transmit it with HTTPS. | |
| HttpOnly | When enabled, includes the HttpOnly attribute in the Set-Cookie response header to mitigate the risk of client-side scripts accessing the protected cookie, if the browser supports it. |
Types of unique stamps
You can choose between two formats for the unique stamp. The cookie's value becomes a unique identifier constructed by the Akamai server from the following fields:
-
Akamai Format Value:
-
The Akamai server's IP address
-
The current process ID
-
The current time as seconds
-
The decimal part of the current time
-
A counter
-
The cookie's value is based on the hex value of the binary representation of the above fields. The combination of these fields ensures that the cookies are always different.
-
Apache Format Value:
-
The server's IP address
-
The current process ID
-
Cookie generation time (in seconds since Unix epoch time - 10 digits)
-
Cookie generation time milliseconds (the milliseconds part of the epoch time - 3 digits)
-
An example Apache format value: Apache=63.116.109.10.114111027639937737
Updated over 1 year ago