How to check if cookies exist in ColdFusion 2016?

Question

We just recently upgraded our test server from CF10 to CF16. One of the problems are cookies. After I tried to login to our system message showed on the screen Cookies Are Not Enabled!. I have checked the code and there is cfif that checks if Cookie.test is not defined. Here is example of my code:

<cfif NOT IsDefined("Cookie.test")>
    Cookies Are Not Enabled!
    <cfabort>
</cfif>

This is line of code where I found cookie.test:

<cfcookie name="test">

This is on the very bottom of the page and isDefined() is on the very top. So I'm wondering how this can be checked in ColdFusion 2016? Thank you.

Answer 1

You can use isBoolean(URLSessionFormat("true")) to check if cookies are enabled or not.

<cfif isBoolean(URLSessionFormat("true"))>
  cookies are enabled
<cfelse>
  cookies are not enabled
</cfif>

---

Also, I've created an UDF

https://cflib.org/udf/isCookiesEnabled

/**
 * Returns true if browser cookies are enabled.
 * 
 * @return Returns a boolean. 
 * @author Alex Baban  
 *  
 */
function isCookiesEnabled() {
    return IsBoolean(URLSessionFormat("True"));
}

<cfoutput>#isCookiesEnabled()#</cfoutput>

---

live demo:

<cfset result = IsBoolean(URLSessionFormat("True")) />
<cfdump var = "#result#" />

https://trycf.com/gist/2746d807170a0dc74e7349935320a78e/lucee5?theme=monokai

Answer 2

I came across this question because of a thread posted to the Lucee user forum. Because it's cfml specific and not limited to ACF I'm posting an additional answer here.

It's not possible to set and test for cookies within one request, because cookies are set as a server response header and only then added to the clients request headers for all subsequently requests by the browser/client. In other words: The technique of using cookies always needs one request for setting the cookie and another for sending the cookie.

Also, I still can't understand how the above solution with IsBoolean(URLSessionFormat("True")) should be viable or work. According to cfdocs of urlsessionformat the function expects an URL string and not a boolean value as string and would return a string with the URL session token. In my opinion that code always returns true. Secondly, the UDF comment says it 'Returns true if browser cookies are enabled' and that isn't possible within a single request. This answer needs further elaboration.

Because there are many possible solutions, I'm just showing a simple alternative that shows visitors that cookies are en/disabled. It's basically a template (cookieset.cfm) that creates the cookie and subsequently loads a second template(cookiechecker.cfm) within an iframe. This alternative also doesn't need to have session management or client management of your cfml engine enabled.

<!doctype html>
<html>
<head>
<meta charset="utf-8">
<title>Cookie tester</title>
</head>
<body>
    <div>
        <!--- set cookies so that these are submitted to the servers response headers --->
        <cfset cookieName="myCookieTest">
        <cfset cookieValue=hash(now())>
        <cfcookie name="#cookieName#" value="#cookieValue#">
        <cfoutput>
            <!--- embedded iframe that will send existent cookies the the iframe src template within the client request headers --->
            <iframe src="cookiecheck.cfm?cname=#urlencode(cookieName)#&cvalue=#urlencode(cookieValue)#" name="cookieFrame"></iframe>
        </cfoutput>
    </div>
</body>
</html>


<!--- cookiecheck.cfm --->
<!doctype html>
<html>
<head>
<meta charset="utf-8">
<title>Cookie Check</title>
</head>
<body>
    <div>
        <cfif structKeyExists( url, "cname" ) and structKeyExists( url, "cvalue" )> 
            <cfif structKeyExists(COOKIE, url.cname) and cookie[  url.cname ] is url.cvalue>
                Cookies activated!
            <cfelse>
                Cookies deactivated!
            </cfif>
        <cfelse>
            cookie data not specified in URL
        </cfif>
    </div>
</body>
</html>