Showing results for 
Show  only  | Search instead for 
Did you mean: 

dtCookie is breaking applications


The dtcookie is breaking the way our application work. When the agent is activate it is injecting a dtCookie before all the other Set-Cookie in the Response Header of all HTTP request.

In the following response you will see that there is now two Set-Cookie values. Our applications is taking the first occurences of the Set-Cookie to retreive the JSESSIONID and now since it is not the first, the applications are not able to retreive the right sessionID.

Is there a way to tell Dynatrace to inject the dtCookie after all the other Set-Cookie?


2017-05-17 16:22:38.823 [main] DEBUG
org.apache.http.wire:72 - << "HTTP/1.1 200 OK[\r][\n]"

2017-05-17 16:22:38.826 [main] DEBUG
org.apache.http.wire:72 - << "Date: Wed, 17 May 2017 20:22:40

2017-05-17 16:22:38.827 [main] DEBUG
org.apache.http.wire:72 - << "Content-Length:

2017-05-17 16:22:38.827 [main] DEBUG org.apache.http.wire:72
- << "Content-Type: text/html;

16:22:38.827 [main] DEBUG org.apache.http.wire:72 - <<
"Set-Cookie: dtCookie=C29F390DF76BFE8979DBC3B3BB8BF01A|X2RlZmF1bHR8MQ;

2017-05-17 16:22:38.827 [main] DEBUG
org.apache.http.wire:72 - << "Set-Cookie:
path=/OrderManagement; HttpOnly[\r][\n]"

2017-05-17 16:22:38.827 [main] DEBUG
org.apache.http.wire:72 - << "X-ORACLE-DMS-ECID:

2017-05-17 16:22:38.828 [main] DEBUG
org.apache.http.wire:72 - << "OMSBuildVersion:[\r][\n]"

16:22:38.828 [main] DEBUG org.apache.http.wire:72 - <<
"X-dynaTrace-JS-Agent: true[\r][\n]"

2017-05-17 16:22:38.828
[main] DEBUG org.apache.http.wire:72 - << "[\r][\n]"



I can´t think of a way to insert the cookie at a specific Point with either normal or debug options available in the client. Maybe open a support case to check with if there is another option, if no answers come in.


If your app depends on the ordering of individual (and differently named) cookies I would say it is violating the HTTP specification and needs fixed.

See also RFC 6265 Section 4.2.2

   Although cookies are serialized linearly in the Cookie header,
servers SHOULD NOT rely upon the serialization order. In particular,
if the Cookie header contains two cookies with the same name (e.g.,
that were set with different Path or Domain attributes), servers
SHOULD NOT rely upon the order in which these cookies appear in the

Thanks for the answer, those applications were made a long time ago and never got any issue before. I know it may be a bad design and they should definitely be updated but in the meantime is there a way to change the order or something in Dynatrace UEM to make the dtCookie header come after the existing one?


Is there a way to turn off sending the cookie from dynatrace Appmon?

Hello @Chaitanya S.

Why do you want to stop cookie?

To identify a visit, AppMon uses cookies. Therefore it is a technical necessity that a Webserver Agent set a temporary session cookie; otherwise UEM cannot measure a user's performance experience. This cookie is sent on the first web request and expires when the browser is closed. It is non-persistent and is not used for ad tracking. AppMon sets these first-party cookies for the sole purpose of application performance management, not for tracking a user's purchasing bias or click behavior.

Have a look on the below link for more insight.



we have some legacy app which allows only one cookie. dyntrace is taking that 1 cookie and causing app to be stopped. Hence, we don't want cookie to be injected

The only way to stop sending the dtCookie is to disable User Experience Management for your application (in System Profile settings).


Thanks @Enrioco. It worked