[SalesForce] Salesforce Cookies behaving differently by introducing Model class using IE

The following is the Model object shared between two controllers and works well using Chrome and Mozilla browsers:

PortalTest.cls

// @params
/* 'cookieCheck',
   _,
   86400,
   false */
public static void createCookie(string cookieName,string cookieValue,integer maxAgeInSeconds,boolean isHttpsOnly){
    ApexPages.currentPage().setCookies(new Cookie[]{new Cookie(
        cookieName,         
        cookieValue,       
        '.force.',          
        maxAgeInSeconds,    
        isHttpsOnly         
    )});
}//END 

public static void createNewCookie(String user,String cookieName){
    // create cookie
    PortalCheck.createCookie(cookieName,user+','+'123',86400,true);
}

public static Cookie getCookie(string cookieName){
    system.debug('&&&&&&&&    Portal.getCookie('+cookieName+')    &&&&&&&&');

    Cookie thisCookie=ApexPages.currentPage().getCookies().get(cookieName);
    system.debug('&&&..... thisCookie = '+string.valueOf(thisCookie)); // coming null for IE while Chrome and Mozilla returns System.Cookie[cookieCheck=test,123;path=/;expires=-1;isSecure=true]

    return thisCookie;
}//END getCookie()

For the first controller the invocation is like: PortalCheck.createNewCookie('test','cookieCheck'); and then redirected to a new page which again invokes the getCookie() method with the same cookieName as PortalCheck.getCookie('cookieCheck'); from the second controller.

So, the above Model class is shared among two controllers – The first controller is setting the cookies into it and second one is fetching cookies out of it. It works well for Chrome and Mozilla browsers but it always gives the null result during getCookie(); method invocation for MS Internet Explorer.

Please let me know what I'm doing wrong or let me know if anything can be fixed using the above approach.
It's working fine if we simply let the Controllers do the setCookies and getCookie using IE.

EDIT Please refer to the link to repository.

PS: I have checked for almost each version of IE: 7, 8, 9 and 11. Also, checked all the options under Privacy–>advanced and also, added the sites as:
Privacy–>sites and putting all the possible links available for the org as well as vf pages.

Best Answer

I am pretty sure it works if you change the '.force.' to null in your Cookie creation. Just booted Windows, installed a gazillion updates, and then tested it in IE10.

That parameter is the path of the cookie, not the domain. Unfortunately the constructor of the Cookie class seems not to be documented, the best 'documentation' I found from Salesforce is in the example code of the documentation.

What's interesting is that Chrome and Firefox seem to ignore the path value '.force.' as it doesn't look like a proper path (maybe they only take it into account if it starts with a slash) while IE does not store the cookie as it doesn't match the path. Looking at RFC 6265 it seems that IE gets it wrong (Who would've thought ...):

If the uri-path is empty or if the first character of the uri-path is not a %x2F ("/") character, output %x2F ("/") and skip the remaining steps.
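
The path rules discussed in the answer above, as an added example that is not part of the original question or answer: it implements the RFC 6265 default-path, Path attribute and path-match steps (sections 5.1.4 and 5.2.4) and compares them with a user agent that stores the Path attribute verbatim. The page paths `/apex/PageOne` and `/apex/PageTwo` are constructed, and `sentByLiteralAgent` is an assumed model of the IE behaviour the answer describes, not IE's actual implementation.

```javascript
// RFC 6265 section 5.1.4: default-path derived from the request URI path.
function defaultPath(uriPath) {
  if (!uriPath || uriPath[0] !== '/') return '/';
  const lastSlash = uriPath.lastIndexOf('/');
  // Only the leading "/" is present: the default-path is "/".
  return lastSlash === 0 ? '/' : uriPath.slice(0, lastSlash);
}

// RFC 6265 section 5.2.4: a Path attribute that is empty or does not start
// with "/" is replaced by the default-path of the page that set the cookie.
function effectiveCookiePath(pathAttr, setOnPath) {
  if (!pathAttr || pathAttr[0] !== '/') return defaultPath(setOnPath);
  return pathAttr;
}

// RFC 6265 section 5.1.4: path-match of a stored cookie-path against a request path.
function pathMatches(cookiePath, requestPath) {
  if (cookiePath === requestPath) return true;
  if (!requestPath.startsWith(cookiePath)) return false;
  return cookiePath.endsWith('/') || requestPath[cookiePath.length] === '/';
}

// Compliant user agent: is the cookie sent on the later request?
function sentByCompliantAgent(pathAttr, setOnPath, requestPath) {
  return pathMatches(effectiveCookiePath(pathAttr, setOnPath), requestPath);
}

// Assumed non-compliant model: the Path attribute is kept as given
// and path-matched literally, so a value like '.force.' never matches.
function sentByLiteralAgent(pathAttr, setOnPath, requestPath) {
  const cookiePath = pathAttr ? pathAttr : defaultPath(setOnPath);
  return pathMatches(cookiePath, requestPath);
}

// Constructed scenario: cookie set on one page, read on another.
const setOn = '/apex/PageOne';
const readOn = '/apex/PageTwo';
for (const path of ['.force.', null, '/']) {
  console.log(JSON.stringify(path),
    'compliant:', sentByCompliantAgent(path, setOn, readOn),
    'literal:', sentByLiteralAgent(path, setOn, readOn));
}
```

Only the `'.force.'` row differs between the two models, which matches the symptom in the question: the cookie is readable in Chrome and Firefox and missing in IE.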
