1

I'm using the following function to create a cookie which is set in a Java Servlet. I am trying to delete it in a scriptlet in a .JSP file. However it is not deleting the cookie, any ideas as to why?

This is the function that I am using to create the cookie in the Servlet:

    for(String classId :request.getParameterValues("classId")){
        optionCookie = new Cookie("componentSearchOptionSelect",classId);
        response.addCookie(optionCookie);
    }

This is the code I am using to delete the cookie in the scriptlet:

Cookie[] cookies = null;
        cookies = request.getCookies();
        if(cookies != null){
            for(int i = 0; i < cookies.length; i++){
                 Cookie cookie = cookies[i];
                 if(cookie.getName().equals("componentSearchOptionSelect")){

                     selectedClass = cookie.getValue();
                     cookie.setMaxAge(0);
                     response.addCookie(cookie);
                 }
             }
        }
Colin747
  • 4,955
  • 18
  • 70
  • 118

2 Answers2

2

JSP as being a view technology is responsible for generating the HTTP response body. Cookies have to go in the HTTP response headers. So if you put that cookie code halfway in a JSP and JSP has at that point already genrated that much of HTML which caused that the response is already committed, then it's simply too late to set a HTTP response header. The HTTP response headers have already been sent to the client, which is a point of no return. If you have paid attention to the server logs, then you should have noticed an IllegalStateException with a pretty self-explaining message and trace.

So, to fix your problem, just make sure that you delete the cookie when the response isn't committed yet. Put the scriptlet containing all the business logic in the very top of the JSP page, long before the JSP writes anything to the HTTP response body.

<%
    // Business logic here.
%>
<!DOCTYPE html>
<html>
    ... (presentation logic here)
</html>

Actually, JSP is the wrong place to perform business logic (read: you should not be using scriptlets at all). You should be using a servlet or servlet filter for this. In your particular case, I think you just need a servlet with doGet() as demonstrated in Calling a servlet from JSP file on page load.

BalusC
  • 1,082,665
  • 372
  • 3,610
  • 3,555
0

Please try this.

/*
Cookie[] cookies = null;
cookies = request.getCookies();
if(cookies != null){
    for(int i = 0; i < cookies.length; i++){
         Cookie cookie = cookies[i];
         if(cookie.getName().equals("componentSearchOptionSelect")){
             selectedClass = cookie.getValue();
             cookie.setMaxAge(0);
             response.addCookie(cookie);
         }
     }
}
*/

Cookie cookie = new Cookie("componentSearchOptionSelect", "");
cookie.setMaxAge(0);
response.addCookie(cookie);

By the way, Why do you set same value to Cookie many times? The value of the cookie componentSearchOptionSelect is the value of the last from request.getParameterValues("classId")).

Cédric Bignon
  • 12,892
  • 3
  • 39
  • 51
koji
  • 179
  • 6
  • The `for` loop only has one field in the array, this is an issue I will look at later but for now it works. You solution did not work, after your code is ran the `setMaxAge` remains at `-1`. – Colin747 Feb 04 '13 at 00:26
  • How did you check thats value? from browser or once more JSP? – koji Feb 04 '13 at 00:39
  • I used the following code: `Cookie[] cookies2 = null; cookies2 = request.getCookies(); if(cookies2 != null){ for(int i = 0; i < cookies2.length; i++){ Cookie cookie2 = cookies[i]; if(cookie2.getName().equals("componentSearchOptionSelect")){ System.out.println(cookie2.getMaxAge()); } } }` – Colin747 Feb 04 '13 at 00:43
  • for example, do you delete and check Cookie in the same jsp? this is of course Cookie is not yet delete from Browser. Because your action(delete) not yet provided to Browser. a.jsp -> delete Cookie and show HTML. b.jsp -> check Cookie. can you do? maybe you can watch yet Cookie on Browser. but maybe Browser not provide that Cookie to b.jsp. – koji Feb 04 '13 at 01:17
  • The problem is when I refresh the same .JSP page the cookie still exists even when it should have been previously deleted before the page refresh. It can be seen in the browser dev tools (Chrome) and as it is also setting my selected drop down option. – Colin747 Feb 04 '13 at 01:37