IE Does Not Set-Cookie With ASPSESSIONID When User Comes With JSESSIONID
I have code written in VBScript that accepts a POST submission from an external server to perform an auto-login to our website. I am experiencing an issue with Internet Explorer ONLY that I have determined using Fiddler.
The problem is that when I POST to this page, I need to set a few session variables that are passed on to the following page after logging in. But using fiddler, I have realized that for some reason, in IE, the "Set-cookie" statement in the headers is never acted on by the server. On all following pages the "set-cookie" header is sent on every page, but the ASP SESSION header is never set that indicates the session was started.
If I do the same test in Firefox, it works perfectly fine, no problem. So it seems IE is the issue.
One other fairly important piece of the problem appears to be that the external server that is initiating the POST submission is running Java, so when the user is on the external server their browser is maintaing a JSESSIONID value. But when they submit the POST form over to our server, the Set-Cookie directive is trying to set an ASPSESSIONID, which is never accepted by the browser...
So is it possible that for some reason IE is not able to handle a user coming from a JSESSIONID over to an ASPSESSIONID?
I need to somehow work around this, or somehow force the ASPSESSIONID to kick in, because it is critical that I can set session variables for use on later pages.
View Replies
ADVERTISEMENT
I am using the XMLHTTP object to request a page from within another ASP page. For my scenario, the two pages should operate in the same session. However, when I request the second page, a new session is created. This makes sense since it is coming from a different client (the XMLHTTP object as opposed to my browser).
I've tried to pass the ASPSESSIONID cookie along with the XMLHTTP post, but every time I pass the valid cookie, the XMLHTTP request times out.
Has anyone experienced anything similar to this? Is what I am trying to accomplish even possible?
View Replies
View Related
This is a question that has probably been answered before on the
newsgroup but probably in fragments. This is what I would like to do,
and I only have a very vague idea where to find the answer. Directions
would be useful.
1. Users arrive at the site. If they are registered they log in. If not
they sign up for registration.
2. The authentication information such as username and password are
held in a db, for security reasons the password should not be passed in
plain text.
3. When the user is logged in the session information should be held in
a cookie so that if the user returns in a short period of time they
will automatically be logged in. The cookie will also be used to
personalise certain parts of the site.
View Replies
View Related
We have an intranet which is personalized using a cookie which we set. I have an outside vendor who is developing an application which will live on a seperate server. Is there a way they can read the cookie which we set to log user into their application so that we can make it a seamless transition?
View Replies
View Related
How do you determine whether a user allows cookies or not.
Many people told me that it can be done by writing a cookie and then retrieve it to test this feature, but it simply doesn't work.
What else can i do?
View Replies
View Related
I can't seem to find again where this cookie is placed by IIS. Can someone
quickly respond with its location. Thank you.
Also, does anyone know if this system created cookie has the same attribute
of SECURE as does a developer created cookie? I know it's read only but how
can I secure it. I'm using 128 SSL in addition.
View Replies
View Related
It was recently brought to my attention that a cookie that gets set for access to our intranet is being appended with ASPSESSIONIDSCBRRTTR followed by a long string of random characters and no one seems to know who or what is setting this.
Can anyone provide me with some insight? Is this an automatic ASP or IIS function or is it something to be concerned about?
View Replies
View Related
How do you change the ASPSessionID during a web session? I have an ASP
application in SSL. The first screen is a login screen, which requests user
id and password. An ASPSessionID is assigned for this page. Once the user
is authenticated by valid id/pwd, the second page starts the real
applicaiton. I want to change the ASPSessionID to be different from the
first login page, which was issued to an unauthenticated user. How do I do
that in ASP?
View Replies
View Related
When I set a cookie in global.asa in the sub session_onstart, even if
I have "privacy" in IE 6.X set to "block all cookies" the cookie is
still set, and I can get it on other pages.
I can't find an article that addresses this as a specific issue. Why
does the browser get the cookie when it is set in the session_onstart
event even when I have "block all cookies" set?
View Replies
View Related
I want to know what's the differences between session cookie and regular cookie.
In ASP, when we create cookie, we do the following to identify an user:
Response.Cookies("name") = value
Is this regular cookie? How about session cookie? and when to use which?
View Replies
View Related
I have written an ASP.NET 2.0 application that uses Active Directory or ADAM
to manage account users - the site has a page that allows people to create an
account (much like any site). The page populates the AD with all the
information and the user account but I am unable to enable the account.
Microsoft has information on how to do that here -->
http://msdn.microsoft.com/library/d...ting_a_user.asp
(the sample is for Visual Basic) - and I am unable to complete the bottom
portion of the script. Can some one point me in the right direction - or can
you tell me how I can add a snippet of VBscript code to an ASP.NET page.
I am using the Active DS Type library - not sure why there are multiple ones
(System.DirectoryServices) but it is rather confusing - I seem to accomplish
one thing with one and another with the other (they did have trouble
co-existing however). Anyway my script works very well but I am not able to
access the properties required to enable the account.
Here is a simple version (no error checking) of the code.....
View Replies
View Related
how to go about setting up an asp script or flash action script to take the input from a user of his/her username and password then send an email to the user with the information. I am able to do all of this but the problem is that the users pc is the one sending the email. I want the server to send the email instead.
View Replies
View Related
The problem is that the code for "change_school.asp" takes the user right to "portal.asp". I checked the code of "change_school.asp" and it does indeed set a cookie value for "school", but for some reason "default.asp" is still finding the old cookie stored and then redirecting...any ideas guys?
'code for change_school.asp...clears the cookie "school" and redirects to page (default.asp) where user can select a new school
<% Response.Cookies("school")= ""
Response.Redirect "default.asp" %>
'code for default.asp which allows user to select a new school, and if the cookie "school" has some value then they are redirected.
<%
If request.cookies("school") <> "" then
Response.Redirect "portal.asp"
end if
%>
View Replies
View Related
On this website i am building it has password protection on certain pages. So i have a "login" portion on the right side of the page, that is shown on every page. When someone logs in is it possible to change that little section to just say Welcome so and so? Instead of having the username and password form with submit button?? Or is this something that requires some java to hide it?
Part II
When someone logs in i want them to recieve a cookie, in that cookie i want it to contain the person's name (wich i want the to be put next to the "welcome back on part I), email address, and up to four other numerical values. (some people will have greater access to sections of the site depending on who they are)
Is is possible to grab this information from the SQL database and put in the cookie? If so can anyone please show me, point me in right direction, ect?
View Replies
View Related
I'm using FrontPage Database results wizards to retrieve data from Access. I have a cookie containing a number I'd like to insert in a custom query. Whenever the page opens, I want the query to run using the value in the cookie. I haven't been able to figure out how to transfer the cookie value into something the FP webbot will accept in the query.
View Replies
View Related
What i am trying to do is this: I want to make a cookie. If someone comes back to a page (say after an hour after they left)i want them to get a specific popup. If someone comes back after than hour I want them to get a different popup, telling them something different.
View Replies
View Related
I'm going to go down this route of Cookie detection
<%
If Request.Querystring("Check") = "" Then
Session("cookietest") = "True"
Response.Redirect("cookietest.asp?Check=True")
Else
If Session("cookietest") Then
<!-- Execute code if enabled -->
Else
<!-- Execute code if disabled -->
End If
End If
%>
I’m a little worried, do you know how spiders work with regards to this sort of thing? My site gets some traffic due to it being spidered by the likes of google and I don’t want to loose that flow.
If I use this at the entry point of my site to redirect browsers with cookies turned off to a page telling them to turn them on will that stop the spiders?
View Replies
View Related
If my user turns cookies off, both permanent and temporary cookies can't be used or only permanent cookies can't be saved on the user's machine?
View Replies
View Related
I have a cookie with a path of "/"
im trieng to delete it before the expired time has comed anyway i am trieng to delete it by setting the cookie to ""
like so: Response.Cookies("name") = "";
but its not working but...i found out that if i dont set the path it is being deleted but i have to set the path because from some reason without it i have issues where the cookie is not found in some pages.
View Replies
View Related
I have a problem with a Cookie in an ASP page. Without any apparent reason, one of the Cookies disappears, but the others are ok.
I'm at Page1, a link goes to Page2. Page2 redirects to Page3 and Page3 redirects to Page1. When I'm back to Page1, sometime, one of the cookies don't exist anymore... But the others are there! The disappeared Cookie isn't always the same, in the 18 Cookies that I have.
The environment is composed of 4 clustered servers. Page1 is SSL, but not Page2 and Page3.
I don't have more than 4KB (1.86KB to be more precise) of data and I don't have more that 20 Cookies on the same domain.
I added the following code:
View Replies
View Related
Do you want manage ASP Sessions variables without Session Object and without Cookie?
View Replies
View Related
I want to retrieve the value of a cookie to make a form a little more user friendly (our intranet is configured to set a cookie for User First Name, Last Name and Email when they log in)
Unfortunately I can't figure out how to retrieve the value of the cookie. I've been trying:
<%
Response.write Request.Cookies(UserLName)
%>
But it gives me an error - I used Checky to make sure the cookies are there and they do exist:
Name:mascot
Value: UserLName=Tarby
Can someone give me some advice?
View Replies
View Related
When I run the ASP page for the first time, I find out, that the Cookie file name contains some several special characters such as %5F, which are encoded with a URLEncode function. So, I have the following string (after convert): ....
View Replies
View Related
How can I remove a cookie from the client in ASP? I'm not talking about setting the value to a blank string and I've tried this:
[vbs]
Response.Cookies("mycookie").Expires = Now()
[/vbs]
and
[vbs]
Response.Cookies("mycookie").Expires = Date() - 100
[/vbs]
Neither of which work.
Is there any way to completley remove the cookie?
View Replies
View Related
Is there a way to store an array of information in a cookie? ie. a user can have a "x" long list of a variable stored in a cookie, so when they return to the site this information can be retrieved.
View Replies
View Related
Is it possible to get the physical path of a cookie? (C:Document and SettingsmyLoginCookies)
Because I need "myLogin" (the Windows Login), and I can't get with request.ServerVariables("logon_user") or ("author_user") or whatever...
View Replies
View Related
I select 'name' from the customer table.
Is it possible to write it into a cookie?
<%
Response.Cookies("customer")("firstname") = '" & objRecordset(NAME) & "'
%>
when I try to write the above using
<%
Response.Write (Request.Cookies("customer")("firstname"))
%>
i get the following ....
View Replies
View Related
I need to revisit cookie testing. On the home page and every product page I
write a cookie. I do this because some users enter by direct links to
product pages.
<%
Response.Cookies("cookietest") = ("49")
Response.Cookies("cookietest").Expires = Date + 2
%>
On the cart page I test for the cookie...
<%
If Request.Cookies("cookietest") <"49" Then
Response.Redirect("err.asp?e=1")
End If
%>
I have a user that insists he has cookies enabled, yet he keeps getting
redirected to my error page which suggests he does not have cookies enabled.
What could cause this? Is the above too simple for all circumstances?
Is there more extensive code that I could setup on a hidden page where I can
send users to get read out on how they actually have their browsers setup?
i.e. Run a test on their browser and the results are emailed to me.
View Replies
View Related
I have an asp page where i created cookies-for admin and for user. The aspx page reads these cookies. Everything seems to work fine but now i have to create a new cookie if cookie has expired or if cookie is null. Also, i am having problems with the expire because if the username belongs to the admin for example and then i want to change
the username that belongs to a normal user the cookie recognises the first (admin) cookie. How do i solve this? .....
View Replies
View Related
I have created a page where i got sth like this:
if (request.cookies("example") <> ""
response.redirect("login.asp")
response.end
end if
(I will try to explain as easy i can), so in the login.asp using a .mdb i get the username and check with the password, and putting the username in the cookie in this case called example, but using some cookie poisoning i can be anybody logged in, even sb out of the table of users, i didn't use the session object, i wanted to use a cookie because i got curiosity and i didn't understand what is the difference, and actually i don't understand so much...anyways i got 2 questions, how i do sth for protect the cookie for cookie poisoning and what is the difference between the session and the cookie (from the little what i know is that the session is a predefined cookie that has some encrypting stuff and that so on and got some properties, methods right? and the cookie is just a information holder without any extra stuff as the session object has, am i right?)
View Replies
View Related
I have created code to create a cookie about a user when their login and when they tick a remember me box.
The problem is though the the data in the cookie is stored in plain text. Which means I can use firefox and it webdeveloper tool to look at the cookie and change the values.
My question is how do you encrpyt a cookie so it doesnt store the info in plain text?
View Replies
View Related
well in session we got session.abandon and all the bad sessions gone... i need to delete cookies from users side, there is option for this in asp dot net but in classic asp how we can do it?
Response.Cookies("firstname").Expires=?
View Replies
View Related
I use the following simple code in an asp to test how cookies work ...
<%@ Language=VBScript %>
<%
Response.Cookies("CookieTest")="Lovely Cookie !"
Response.Cookies("CookieTest").Expires=DateAdd("n",5,Now())
%>
<HTML><BODY>The cookie has arrived !</BODY></HTML>
I've set my IE6.0 to prompt me for all cookies, which it does for all web pages I visit,
but not for the above asp page which is hosted from IIS5.1 on my PC. I can see the cookie being created in my Cookies folder, but would like to be prompted first!
View Replies
View Related
