Announcement

**ILoveHostasaurus** · 04-15-21, 03:37 PM

If the site is all-https then you should definitely set those.

That being said, just something to keep in mind; serving of custom content to not-logged-in users can greatly limit scalability if the site in question is ever subject to, or expected to grow to, the point where it receives heavy bursts of traffic. Such a setup, along with the serving of cookies of any type to not-logged-in users, precludes the site from using caching at the web server or CDN level, along with the use of our own redis-based object cache that can be deployed as a module now, but will be a core feature in an upcoming release. These items can have a very significant effect on SEO given they can significantly reduce the TTFB for pages, often a minimum of 5x. There are of course many attractive reasons to want to customize content per shopper, so it's a trade off that must be weighed.

**cpp-dev** · 04-15-21, 03:58 PM

Your point is well taken ILoveHostasaurus , thank you for the insights. This is meant to be a temporary measure, till we can come up with something better.

My initial thoughts are to maybe leverage the Transients feature to cache hold the changes so it's a much smaller change over all. Mostly what will happen is we'll display a new content section, but we need to make sure the visitor is coming from our partner's website.

**cpp-dev** · 04-15-21, 04:01 PM

I have this on a 'dev' page, but when I run

Code:

var allCookies = document.cookie;
console.log(allCookies);
// here's the output
RESS_width=####; _uetsid=b90f131##########8c7c69; _uetvid=b90f5########3045f
undefined

I'm only seeing the cookies that are being set by the theme. Do the Miva cookies get stored some other way?

**dreamingdigital** · 04-15-21, 07:10 PM

Javascript has no access to secure cookes created by Miva. For example combination facet cookies can not be set, removed or read by JavaScript. You have to use the Miva functions. (gave the example so you can sleuth).

How about using browser session storage? You can see the "continue shopping" link on newer Shadows for example of use.

**Bruce - PhosphorMedia** · 04-16-21, 08:42 AM

Got one word for you son...Custom Basket Fields. Works just like a session cookie. Easier to use. No down sides. (unless you are using Deferred Baskets -- maybe.)

**cpp-dev** · 04-16-21, 08:53 AM

Originally posted by dreamingdigital View Post

Javascript has no access to secure cookes created by Miva. For example combination facet cookies can not be set, removed or read by JavaScript. You have to use the Miva functions.

Oh! Well that explains that. Thank you!

I'll give the code around the "continue shopping" a look.

**cpp-dev** · 04-16-21, 08:55 AM

Originally posted by Bruce - PhosphorMedia View Post

Got one word for you son...Custom Basket Fields. Works just like a session cookie. Easier to use. No down sides. (unless you are using Deferred Baskets -- maybe.)

Ok, that's very good to know. Back to the research mines I go.

And other than single page check out we're not doing anything else "fancy" with our basket.

**dreamingdigital** · 04-16-21, 09:57 AM

Just be aware that high traffic sites saving custom basket fields will create a $0 basket for each visitor / bot. Hence why I think Miva is using session storage via JavaScript on the continue shopping link these days. ALSO if you are creating baskets for every customer by giving them custom basket fields then you won't have any benefits from turning on Redis page cache (as is now recommended by MM). So many options. :)

Announcement

Best practices around "set-cookie"

Best practices around "set-cookie"

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment