+ Start a Discussion
sf_evolutionsf_evolution 

I need to read the "lastlist" cookie on a VF page...

Hi- 

Subject pretty much says it all.

There is a cookie present on cs4.salesforce.com called "lastlist":

 

 

 

...But I can't seem to get to it in code- I have havascript on a VF page that is trying to find it, but it just doesn't show....

<apex:page standardController="Lead">
<apex:form >
<script>
function getCookie(c_name){
var i,x,y,ARRcookies=document.cookie.split(";");
alert('ARRcookies'+ARRcookies);
for (i=0;i<ARRcookies.length;i++){
  x=ARRcookies[i].substr(0,ARRcookies[i].indexOf("="));
  y=ARRcookies[i].substr(ARRcookies[i].indexOf("=")+1);
  x=x.replace(/^\s+|\s+$/g,"");
  if (x=='lastlist') {
    alert('lastlist: '+unescape(y));
    return unescape(y);
    }
  }
}
</script>
        <apex:commandLink value="return:" onClick="getCookie('lastlist')"/>
    <apex:detail subject="{!Lead.Id}" relatedList="true" showchatter="true" inlineEdit="true" />
</apex:form>
</apex:page>

 

...The "lastlist" cookie just isn't there...

anyone have any ideas?

I also tried looking for it in a page controller extension but that didn't work either.

 

The whole reason I need to use this cookie is so I can get tbhe page view ID.

 

Tanks in advance

 

sfdcfoxsfdcfox

Visualforce is on a separate domain, so you can't access the main domain's cookies. This was specifically intentional when they decided to sabotage the domains this way.

sf_evolutionsf_evolution

Hi Sfdcfox;

 

>Visualforce is on a separate domain, so you can't access the main domain's cookies.

>This was specifically intentional when they decided to sabotage the domains this way.

 

This escapes me.... why on earth would they want to "sabotage" cross-functionality between VF and APEX?

 

Even if there was good reasons to do so (I guess like cookies that could cause havoc betwen the MVC model components), this one thing (the previous view) seems like a relatively benign object to pass between  servers.

 

 

 

 

sfdcfoxsfdcfox

I agree. It does seem odd that they would have done this, but there you have it. You can't access any cookie that doesn't start with "Apex". This is outlined in the Cookie documentation (I believe that's in the Apex Code Developer's Guide, might also be mentioned in the Visualforce Developer's Guide). Their citation for why this was done was to prevent cookies from leaking across domains (especially session ID values), as well as to protect the database from rogue applications (in the sense that they can't perform cross-domain AJAX directly). I've been looking for a meaningful way to access the MRV, but it seems we're fated to not have that access quite yet.