What libraries would I need installed, or what configuration to the server is needed, to allow me to set a cookie on 'site1.com' that can be read on site2.com
No log-in, just using a cookie from a form on site 1 (name) and being able to print out their name on site 2, without messy querystrings. Is this possible? I cannot find proof that this is supported.
I have a swf file in one domain and an ASP file in another domain; the swf doesn't not receive the variables form the ASP, how can solve the problem with crossdomain policy?
Anyone know of a way to allow a cookie to be read by multiple domains, or even better a specific IIS server IP? We're looking to track users across multiple domains within our website group.
Im in contact with the developer who built the other website and he is being helpful in writing the code on the payment confirmation (which only he has access to).
I need to be able to update my database when an order has been completed (from the confirmation page on the other domain). Can you update an access db from another domain? if so are there any security issues? what, if any, permission do i need to set up ie: on the database or on my domain? what is the code to do this?
I'm wondering if it is possible to have an ASP page that "links" to another ASP page on another domain that is generating variables (in the form of a URL string)?
iframes can connect to the ASP file on another domain, however, I don't know how to access that data in ASP.
Does anyone have a successful experience in using XMLHTTP or ASPtear to read a cookie on another domain? Can it be done at all using these or similar technologies or can it only be done using the redirect trick?
I am looking for a way to delete (expire) all the cookies that we've ever written to the user's machine. I have found several scripts, however I have come across one "gotcha."
The scripts I have found all look something like this:
response.buffer = "true" dim x for each x in Request.Cookies Response.Cookies(x) = "must be something" Response.Cookies(x).Expires = "January 1, 1999" next
One cookie gets set like this:
Response.Cookies(x).Domain = ".henryschein.com"
so that we can retrieve it from 'www.henryschein.com' and 'info.henryschein.com'
The problem is that the script above does not delete it.
Anyone have any idea why this is?? Anyone have a script that properly deletes ALL the cookies that you've ever written to the user's machine?
I've got a bunch of web-portals that customers use to log-in and see their data. In a production environment, each of these has a completely different domain name, but they all point back to one web-server/same IP, they just have different applications configured in IIS.
I've created an authentication cookie, where a master user can hop from one site to another, and not have to keep logging in. This works fine on my test box, but I've just realized that from IE's perspective, it's all the same host.
I'd like to be able to access these cookies from any site, but I realize for security reasons, you can't read a cookies set from another site. In my case though, they really aren't set from another site. Am I out of luck when it comes to accessing these cookies?
We have two sites hosted on different servers and we have many pages on domain A which has many links(asp programs) to domain B.
My question is if domain B server is in trouble, what is the best way to have all domain pages redirect to domain A? Right now I just have redirect code in each program on domain B to redirect to a maintenance page on domain A.
My code works in IE but not in Netscape. Can someone let me know what should be done in order to view the javascript function also in Netscape. Thanks. Script:
Quote: <script language="javascript"> function showurl(v){ var layers = document.all.tags("DIV"); layers['show'].style.visibility=v; } </script> Form:
I have a web application mainly written in ASP. How can I prevent my pages like login.asp and other important pages from Cross-site scripting malicious attacks. What precautions should I take ?
In my Session_OnStart in Global.asa, I am setting some cookies. One of them, I set as follows:
dim UserID UserID = Request.ServerVariables("LOGON_USER") Response.Cookies("User")("ID") = UCASE(UserID)
When I immediately log the cookie value retrieved from Request.Cookies("User")("ID") into the Windows Event Log, I get the correct value. However, when I try to retrieve the cookie on the home page of my application using the same code,
Request.Cookies("User")("ID"), it either cannot find the cookie or cannot read the value. I am retrieving the cookie before all HTML headers are written. It is my first statement on the page after Option Explicit. I have even compared the session IDs. The SessionID created in the Session_OnStart is the same value as the SessionID on the home page.
I have read that the Session_OnStart only has access to the Application, Session and Request objects. It does not explicitly say that it does not have access to the Response object. Also, I was even able to use Response.Write's in Global.asa to print out the values although it looked like it had also stopped the session after I did so. Cookies are definitely enabled on my machine. I have even tried setting the session cookie's expiration to be persistent for a few days to see if it was perhaps expiring before I was able to read it but this did not work either.
Is there something preventing cookies to be created in Global.asa in the Session_OnStart sub? Is the Response object not available??? Please let me know if anyone else has had this problem or solution.
I manage a site with a normal address like: www.mysite.com I'm using a cookie to store nicks of my users, with a code like this: ---- Response.Cookies("mycookie").Expires = #January 1, 2030# Response.Cookies("mycookie").Path = "" Response.Cookies("mycookie").Secure = FALSE Response.Cookies("mycookie")("nick") = nick ----
and I'm deleting it, if a user wants so, with: ---- Response.Cookies("mycookie").Expires = #January 1, 2003# Response.Cookies("mycookie").Path = "" Response.Cookies("mycookie").Secure = FALSE Response.Cookies("mycookie")("nick") = "" Response.Cookies("mycookie") = "" ---- (I know, there's too much stuff in the delete procedure!)
Now I'm going to open some new sections of my site, with subdomain adresses, like search.mysite.com, shop.mysite.com... and I need that cookie authentication for the main (www) address is working also in these subdomains.
I red on the Internet that with the DOMAIN property, I can set my cookie to make it work for every subdomain, with something like: ---- Response.cookies("mycookie").domain = ".mysite.com" ----
.... and it works! My problem is when I try to DELETE it: after I set a cookie with ..domain property, it seems to become "read only": any my attempt to delete (or modify) it seems to be ignored.
Results are the same when I try to write it from the subdomain that created it (www), or when I try from the "chief" address (mysite.com, without any subdomain).
At risk of being flamed for mentioning the N-word here ...
Has anybody yet cracked the knotty problem of sharing Session state between ASP and ASP.Net sites (within the same domain)?
Last time I looked, the two Session() mechanisms were totally divorced and separate, making step-by-step conversion of Session -dependent web sites from ASP to ASP.Net all but impossible.
I have just taken over an ASP application that has a form whereby the user on entering details submits it, where an administrator approves the form. lately I have been getting calls from people who on opening a Finalsed Form (non-editable) to copy similiar data to the new form, are finding the new form disapearing and the Finalised form taking on the new data.
Being new to ASP, I am assuming this would be a session thing, considering the Form number is held in a session variable, as are many other fileds of the form? Is this a common "break" in ASP - a user opening another copy of a form and ending up with cross-contamineted data? I havent included intracate details as at this stage I wouldnt know what to include without including the whole 20 pages of 1300+ lines of code...
I am trying to find a way to make an asp page on one computer access a database stored on a different computer and perform numerous operations on it. I am unsure if this is possible as up til now I've always used a database in the same folder as my .asp pages. Can anyone provide some insight into this?
Is it possible for a user to enable permanent cookies but disable session cookies.....this seems like a contradition yet this is what I appear to be reading in online articles?
I m creating a cookies in my application and it work properly but i can't see the cookies where it will sotred i checked the cookies folder but i didn't find that I want to create a cookies file as the other web site create and store where other cookies will stored in Cookies folder or Temprory Internet files folder eg:1. arvind@google.co[1].txt this stored in cookies folder 2. arvind@msn[2].txt ....
I'm having a domain change foisted upon me and the test I did resulted in every last ASP and ASP.Net script stopping cold. Nothing but plain old html worked. Is there a FAQ or some other document available that outlines what has to be done when the IIS server machine is disconnected from one domain controller and reconnected to a totally different one? If not, does anyone here know what would have to be changed to make the ASP code play nice in the new domain?A relevant bit of info, they're also changing the name of the administrator account. I don't know if that would contribute to the death of ASP* on the system, but it might.
Using classic ASP I want to check if a username and password are correct before passing the details on to an object (stocktake module) that uses them to authenticate the object. The object defaults to a preset user if the authentication fails and doesn't warn the user, so I wanted to do the check manually before passing it to the object.
Can anyone tell me how to get ASP to work on a Server 2003 domain controller?I keep getting 10004 errors in the system log.I've tried resynching passwords etc.
I have made a mail script to executed whilst on domain (say mydomain.com). It can email fine to any address except those that end in '@mydomain.com'.Anyone know why?I'm sending it from 'info@mydomain.com' to 'info@mydomain.com'.
I want to build a domein name checker using ASP & Vbscript but I don't have a clue how to start or what I need to do precisely.
An example of the checker can be found at. http://www.denit.net/ it's called an domeinnaam check an can be found at the middel of the right side of the page.
Are there any articles / resources out there about the point of setting the domain when you set cookies? I have been able to find nothing and fail to see the point in setting a domain. As cookies can only be accessed by the domain that set them, what is the point in setting a domain? if the domain is set for say .example.com, can all subdomains read it?