BEV Cookie
The bev (Browser Event Value) cookie is the visitor identifier. It's the only thing connecting anonymous visitors across sessions.
Cookie Details
| Property | Value |
|---|---|
| Name | bev |
| Value | {timestamp}_{10-char-random} (e.g., 1712345678_aBcDeFgHiJ) |
| Max-Age | 1 year (31536000 seconds) |
| Path | / |
| HttpOnly | true (not accessible from JavaScript) |
| Secure | true when HTTPS detected |
| Domain | Configurable via bev.cookie.domain |
How It's Set
The BevCookieInterceptor runs on every request to @BevCookie-annotated endpoints:
- Checks if
bevcookie exists in the request - If missing → generates a new value
- Sets the cookie in the response
- Stores the value as a request attribute for downstream interceptors
What Frontend Does
Nothing. The browser sends the cookie automatically. Frontend code never reads, sets, or sends the bev value manually.
Configuration
bev.cookie.domain=.elivaas.com # Share across subdomains
bev.cookie.max-age=31536000 # 1 year (default)
bev.cookie.path=/ # All paths (default)