Skip to main content

Support for server-side cookies

The cookie _vaI (which stores contactId) is created client-side by the script. With Apple ITP (Intelligent Tracking Prevention) all client-side cookies (and LocalStorage) have a capped lifetime (7 days) in Safari. Which means when an identified visitor doesn't revisit the site within 7 days the cookie will expire and the script wont be able to identify the visitor using the _vaI cookie.

The cookie lifetime cap applies only to cookies created client-side (with Safari) and doesn't affect server-side created cookies. The tracking script now support copying the value from a cookie _vaI_server created server-side as a fallback to recreate the client-side cookie _vaI.

The cookie _vaI will be recreated, if needed, in this specific order:

  • The site invokes setContactId or includes contactId in an event

  • The URL param vtid exists

  • The LocalStorage key vtid exists

  • The cookie _vaI_server exists

By implementing _vaI_server identified visitors will stay identified when returning even after 7 days have passed. To implement this, the site (server-side) should look if the request includes a _vaI cookie. If so the site should copy the value to a new cookie _vaI_server, giving it a 1-year expiration date, and add it to the response.

An example in C#:

if(HttpContext.Request.Cookies.TryGetValue("_vaI", out var contactId) && !string.IsNullOrWhiteSpace(contactId) && contactId != "undefined")
    var option = new CookieOptions 
        Expires = DateTimeOffset.Now.AddYears(1), 
        HttpOnly = false
    HttpContext.Response.Cookies.Append("_vaI_server", contactId, option);