getPageContext().getResponse().addHeader("Set-Cookie", "somevarA=foo; expires=#DateFormat( DateAdd( "yyyy", 1, Now() ), "ddd, dd-mmm-yyyy" )# #TimeFormat( Now(), "HH:MM:SS" )# GMT");
Woah - that looks nasty! A shorter version is to specify the number of seconds you want the cookie to expire after, so you could do this instead:
getPageContext().getResponse().addHeader("Set-Cookie", "somevarB=bar; Max-Age=31622400" );
Not quite as readable, but shorter. Both examples do the same thing.
The advantage of doing it this way is that you can add unsupported attributes (for example HTTPOnly was only added in CF9). You can find more information about cookies here: