Cookie Manager
The purpose of the Cookie Manager is to make it possible for you to obtain consent to storing and retrieving data using cookies. This is necessary to comply with a number of different EU directives concerning the right to privacy online.
With the Cookie Manager, you can show explicit and granular information to website users about cookies and cookie categories, before asking them to accept one or more cookies. The Cookie Manager is available from Settings > Web & HTTP > Cookie Manager (Figure 1.1).
 
			To use the Cookie Manager:
- Check Enable cookie manager
- Select either Template based warnings and a Template (recommended) or Custom. You can also select a template at the website level using the cookies button in the Websites app. This will override the template set here.
After seleting the rendering method, use the Settings (Figure 1.2) to configure the Cookie Manager.
 
			You can:
- Specify the cookie lifetime for the cookie which stores the visitors opt-in choices
- Check Disable HttpOnly flag on all cookies to disable the HttpOnly flag being set on all cookies – this is not recommended as it presents a possible security threat
- Mark some of the cookies as secure cookies – these cookies are only set when the website is accessed via https
Finally, you can add custom cookies to the list – this is only necessary if your cookie is set via custom code. Cookies set via our API (using the CookieManager.SetCookie method) are added to the list automatically.
Below the general settings, a selector allows you to mark some cookies as Tracking cookies. If you need more categories (and you typically do), you can create custom cookie categories – see below.
Secure Cookies & HTTPS
If you blindly enable secure cookies without using HTTPS your backend will break or misbehave as many backend features rely on specific cookies such as TreeShopFilter being set. So don't enable secure cookies without using https.
Cookie Categories
Cookies can be categorized – as e.g. Marketing cookies, Essential cookies, and so on – which makes it possible to group them appropriately in frontend when asking users to opt-in. A category is basically just a label which is created under Settings > Web and HTTP > Cookie Manager > Cookie categories.
Once the category has been created, a new cookie selector is shown in the cookie manager (Figure 3.1). Simply move cookies from the left-hand column to the right hand column to include it in the category. If a cookie is a member of two categories, both must be accepted in frontend before the cookie is set.
 
			Dynamicweb Cookies
Here is an overview of the cookies set by Dynamicweb:
| Cookie name | Set by | Used for | Notes | 
| Dynamicweb | Dynamicweb | Functional cookie | Expires 1 year from last visit | 
| Dynamicweb.Session | Dynamicweb | Stores information about the tracking session | Expires after 30 minutes | 
| Dynamicweb.SessionVisitor | Dynamicweb | This cookie stores session information and profiling information used by a the old statistics implementation | Expires 30 minutes after last pageview | 
| Dynamicweb.CookieOptInLevel | Dynamicweb | Set by the cookie manager, contains information about which types of cookies a user allows the system to set. | 
 | 
| DW_Extranet | Extranet app | This cookie saves a username and password if remember username/password is set. It also remembers autologin. 
 Depending on circumstances, it is also used to store the UserID of the user who is being impersonated by this user | 
 | 
| DW_ExtranetSessionCookie | Extranet app | This cookie saves a username and a password for the duration of the session 
 Depending on circumstances, it is also used to store the UserID of the user who is being impersonated by this user | HttpOnly = true Expires when user logs off | 
| Ecom.SelectedLangID.Frontend | Ecommerce | Sets the selected ecommerce language for frontend users. | 
 | 
| EcomCart:CustomCartContext | Ecommerce | Sets the persistent cart context | 
 | 
| Dynamicweb:Ecom:Notification | Ecommerce | Saves email in cookie to check for back-in-stock notifications registered by anonymous visitors | Expires after 7 days | 
| Dynamicweb:Ecom:Cart:CartSavedFor Later | Ecommerce | Saves the IDs of products removed from cart – they may then be renderes elsewhere using a loop. | 
 | 
| Dynamicweb:Ecom:Cart Dynamicweb:Ecom:Cart* | Ecommerce | Saves information about the current cart for anonymous and logged in users – for logged in users the cookie will be called Dynamicweb:Ecom:Cart{UserId}. 
 If order contexts are used the cookie name will also include the name of the order context, e.g. Dynamicweb:Ecom:Cart.OrderContext1. | 
 | 
| BasicForum | Forum app | Saves data related to subscribing/unsubscribing from a forum thread or category | Expires after 360 days | 
| Personalize | News v2 app | Saves a NewsID of a news item which is set to be rendered in a personalized manner. | Hardcoded to expire 4/7/2037 
 Newsv2 is deprecated | 
| Favorites | News v2 app | If the Personalize cookie is set, this cookie is saved when a personalized template is rendered. – seems to have no content | Expires after 1 month 
 Newsv2 is deprecated | 
The following cookies are set by the Dynamicweb Administration (backend):
| Cookie name | Set by | Used for | Notes | 
| DownloadToken | File Manager | Set by the file manager in backend when a folder is zipped and downloaded | 
 | 
| ListUsersPageNumber{Id} | User management | Set to remember which page on a given list of users a backend user is currently viewing. | 
 | 
| ListUsersPageSize{Id} | User management | Set to remember the total number of pages on a list of users browsed in backend. | 
 | 
| TreeResetStateRequested TreeShopFilter TreeShopFilterApplied TreeNavigateToNode | Ecommerce | Set by the Ecommerce tree in backend to remember most recently selected shops, filters, groups, etc. | 
 | 
| Ecom.SelectedLangID.Backend | Ecommerce | Sets the selected Ecommerce language for backend use. | 
 | 
| Login | Dynamicweb | This cookie is used to remember various properties for users who log into backend, e.g. the selected area, language, and to remember where in the backend they were if they were logged out and is logging in again | 
 |