Using cookies in ETM - quality-manager/onboarding GitHub Wiki

The use of cookies is discouraged in the product. See alternatives before deciding if you really need a cookie.

Storing data for the user

We have different alternatives for storing data for the user:

• User option/Project option/Global option: See IOptionRestService.
• Persisted property: See IPersistedPropertiesRestService.

Less-permanent methods:

Browser storage

If the above is not enough we still can use the browser storage area: window.localStorage. Note that this storage area expires as soon as the session ends so the usage is limited. For more information, see https://developer.mozilla.org/en-US/docs/Web/API/Window/localStorage. Note that this method is not encouraged either, if possible, always use User options to store data.

Cookies

Cookies are a bad pattern and should be avoided at all costs. In the remote case that there is no alternative other than using cookies, have the following in mind:

SameSite setting: This setting determines if the cookie can be used by other server instances that don't own the cookie. This is used for cross-communication between different applications. See for reference: https://web.dev/samesite-cookies-explained/ and https://openliberty.io/blog/2020/03/25/set-samesite-attribute-cookies-liberty.html.