I'm writing an application to authenticate a user using a challenge
response mechanism. The client and server components of the
application talk over HTTP.
I would like to use an ASP session object to hold a random number on
the server. The code to store the number is written as part of a VB
web class.
When I read the http header returned from my server, I can't see the
session cookie. Why is this? If I create a normal cookie as part of
my web class, it is returned correctly within the header.
I am using HttpQueryInfo the read the header as follows:
If I want to have a username/password dialog in my page,how can I add http header in ASP for username/password dialog? I want to hardcode the username/password in my page and check the authentication.
I have added a http header on a virtual directory. (Content-Type text/html; Charset=utf-8). Is there any way of clearing this or override this in one asp page? In this page I will download a tab separated text file.
I don't want to show this in the browser. I try to set this content type from my COM+ component which is invoked by this asp page. Response.clear will not clear header information (and I guess the added http header is added just before the result is sent to the browser).
If IsNN6 Then GetObjectContext("Response").contentType = "application/octet-stream" Else GetObjectContext("Response").contentType = "application/save" End If
Is there any way to prevent an IE 6 browser from sending up the REFERER HTTP header? (Either as an IIS Server setting, change to asp files, or even a setting in the IE browser).
This is wasting WAN bandwidth in our Intranet application - we have fairly low network bandwidth. The referer is inevitably somewhere else in our own ASP application, and is usually has a really nasty long QString attached ... (and no, really dont want to run stats about how users navigate our app)..
If I display the header information from site 2, it display PATH_TRANSLATED as below.
D:kbapplicationprogramuihttpCustomerPortaldi splay2search.asp, except the here is W with a line going across it. For some reason, when I paste it here, it changes to , but in IE, it's W with a horizontal line.
After rebuilding our web server from NT 4.0 IIS 4.0 to Windows 2000 IIS 5.0, I'm constantly getting HTTP Headers posted to the top of the HTML source (generated from ASP pages of course). This only seems to happen upon hitting the browser's (IE 6.0) "back" button and not even 100% of the time when hitting the back button. Here's an example of the source that is generated: Code:
am using pws on win 98 and when i try to excute any asp page i got the following error
Response object error 'ASP 0156 : 80004005' The HTTP headers are already written to the client browser. Any HTTP header modifications must be made before writing page content.
I have a site that I'm trying to migrate to ASP.NET from ASP, and the foremost stumbling block I'm hitting is session state between the ASP and ASP.NET applications. In order to access this information, I'm doing a HttpWebRequest from the ASP.NET side into an .asp page, passing the session name on the get in order to request it from the ASP side and write it back to the response stream, giving ASP.NET access to it. Of course I change sessions each time I make the call from the ASP.NET side.
Soooooo, I'm thinking to myself, "Self, shouldn't you be able to fake out the server by getting the session cookie from the initial usage of the asp, pass that data to the ASP.NET, and use that to send a request back the ASP side under the appropriate session?"
From a real high level, I enter the site via a .asp page. This page in turn calls .aspx page from within a frame ......
I am not asp specialist and i was wondering what to choose - session or a cookie. the idea is to make something like a shop but without the function "remember me" ... more like "in memory" cookies. so apparently i will have to use a session or a "in memory" cookie but which one is better. as to my knowledge the session does not differ dramaticaly from the cookie because it uses because as u know it is based on cookies. however why should i use session instead of cookies if the result will be exact the same i.e. if browser does not support cookies the whole thing won't work out?
How would the server know the user has viewed a new post in a discussion forum? All the posts that started today will display in bold. Once I view the post, and the post will display in regular text?
I'm seeing a problem with IE running on OS-X. When the user logs in to the website (ASP/IIS5), a Session is established properly, but somewhere along the line, a new Session is created and abandoned. At that point, the user must log in again due to the code logic (their Session is "gone" and they're then invalid). The original Session's On_End event never fires (or perhaps it doesn't until the timeout which is 40 minutes).
I am monitoring the Session_OnStart and Session_OnEnd events with debug code.
This problem only exists for this one user and the only difference between her and the other users is that she's running IE on OS-X. IE on OS-9 works fine as does IE on Windows.
First, I like to know if I can specify how long a session variable could expire?
I am having problem with user logged in period when using session variable.
When I logged in and go away from keyboard for like 10mins. By then I have to login again in order to post or any website features that requires login.
I have not yet create a cookie for the user when they are login.
The session_onstart event will fire for every pull BECAUSE no SESSIONID cookie is ever created and the server has to assume that every HTTP REQUEST frame is a new session. The response object is actually just setting a header, of course.
Every redirect is sending a header to the browser equivalent to a "meta refresh" and that once again triggers the session_onstart.
If I start a session on our web app then close all browsers, I expect that the session cookie would be deleted and that the session itself would exist until it expired. I then start a new instance of the browser expecting to get a new session id and a new session, but instead I reconnect to the unexpired session. Does anyone know why the session cookie is persisting despite the closure of all the IE windows?
I'm not exactly hot on asp, but I have managed to create a members area / pages on a site that requires the usual login etc through username and passwords.
The problem that I'm having is that people are being logged out and forced to log back in etc.
Here's the code for the log-in form on the site: ....
how I could store the referrer id in this URL http://www.widget.co.uk?referrer=1234 into a session cookie. I've been given this code by someone else but my knowledge of ASP is virutally non-existent and they need this feature in the site as soon as possible.
<%dim vntRef if request.querystring("referrer") <> "" then vntRef = request.querystring("referrer") session("svRef") = vntRef end if if session("svRef") = "" then session("svRef") = vntRef end if %>
where this code goes and how I reference it(if I need to) that would be fantastic. Basically I wasn't told about this until after the site went live and they're now telling me to get it done quick smart so the quicker the better.
I need to set a session cookie with an array(100+) and ad values to the array every time the user choses to ad something (to the array while she/he is navigating the site) and write the content of the array on the page after each addition to the array! So, basically:
1- Set session cookie with array. 2- ad values to the array and write out the whole array after each addition automatically, otherwise just write "no choices" or smth. Can anyone show how to do this codes in ASP briefly?
I get this error when I try to load my site, "default.asp", or any ASP file really. This error comes up inexplicably, once every month or two. I cannot seem to regain access to the site until IIS is restarted. The error is probably caused by something I'm doing in my script, and it seems to be server side in nature.
Has anyone encountered this error before?Does anyone know what would cause this?I'd be happy to offer more information about the server, and/or my script, but I am not very intimate with the server as it is administrated at a remote location by someone else, and I really don't know where to start looking in my script. The web site functions flawlessly for a month or two before this error comes up.
I want to know if user disable cookie, will the session still working? Actually I remember we could disable cookie in IE before (not sure what version, but I couldn't see the option anymore. Now I am using IE6.
I am having a problem tracking down what I believe to be a problem with the way cookies are being used on our website application.
When user log onto the application, an in-memory (per-session) cookie is created to hold the session key for the user. This unique key is assigned as part of the business layer logon process, and never changes while the user is logged on. The call to the business component returns this unique key if the logon was successful, and the cookie is set up as follows:
Once a user has completed this logon process, they must then click past an intermediate agreement page before actually having access to the main application. When this intermediate page is submitted, it accesses the cookie, extracts the session identifier and writes the value to a database table.
The code to achieve this looks something like:
strSessionKey = Request.Cookies("SessionKey") Dim objInstance Set objInstance = Server.CreateObject("SomeComponent.SomeClass") objInstance.StoreIdentifier strSessionKey Set objInstance= nothing
The whole process works fine until I try to do the second stage (the intermediate agreement) with two separate IE sessions (there are 2 separate IEXPLORER.EXE entries in task manager) very quickly.
I can go through the whole process fine, and then while leaving the application open, I can start again with a new IE window and complete the process again. In each case the correct identifier is stored in the database for each separate session.
If I get to the second stage of the logon process with 2 separate IE sessions, and submit both agreement pages at the same time (or as close together as I can), then they both write the same unique session identifier to the database, as if they are accessing the same cookie! The session identifier used is the one from the first agreement page I submit. This definitely only happens if I do this at the same time. Wait a few seconds between the submissions and all is well.
Has anyone come across something like this before and can advise on a possible reason?
clients are redirected to http://www.mysite.com/mypage.asp
This works fine for all but 1 client. He looses a session during the redirect. Apparently his browser interprets https:// and http:// as different domains.
We are working on an old asp project and we noticed that some users get kicked out of the session right after they log in.
I investigated the issue and I found the cause: 1- The user login successfuly. 2- He gets redirected to the menu screen. that's when I set some cookies to cookie("cookie name").expires = Now. that when the session starts to disapear, once the user tries to access other pages (or even refresh), the ASPSESSIONID cookie disapears.
I did some debugging on the http_cookie collection and looks like the ASPSESSION disapears once I set the cookie expiration, although I set the expiration for cookies unrelated to the ASPSESSIONID.
Here is the tricky thing, it works on 90% of the machines, and it doesn't on other machines, it's also random, so some users who had the problem, are now able to work on the system and the problem disapeard.
Have you guys ever had this problem, or do you know if it is related to IE batches or service packs?
When I use a host file entry to point to the host header of the site that I have created on a Win2k server running IIS5, a cookie is not created to hold the session id. The result is that Session_OnStart is run every time a page is requested.
If I set up a DNS entry on the DNS server it all works fine.
I never noticed this problem before we put in Active Directory so it may have something to do with that.
I have set "allow per session cookies" to promt(under Custom Secrity settings in IE) to see if this is being attempted and it is not. So the browser is not even trying to create the session cookie when using the host file.
I have a Win 2003 SP1 with IIS 6 and host about 40 websites, most of them useing ASP/VB with access databases. The server is a Dell Dual 2.4Ghz XEON with 512Mb Ram.
Every few days I get the error 'HTTP/1.1 New Session Failed' and the server stops showing the sites. It comes right after a bit and then the error comes back. I have separed the sites into 10 per application pool but it still does it. Occassionally it will actually look like it is working but the sessions just keep resetting and the users get logged out every 2 or 3 minutes.
There is a hotifx 838306 which according to MS is in SP1 but according to everyone else, is NOT. It wont install on SP 1 because it needs another hotfix first (837001), which will not install because there is a later version of the 2nd hotfix in SP1. Catch 22!
So my solution is to set up my server to reboot every night at 2am. That keeps it going.... barely.
People keep saying you don't need to reboot, just recycle the app pools. Well that does not fix anything, only a cold reboot solves the problem... for a few hours anyway.
I am making a news letter application for my company. The idea is that if the cookie (fictional name Frankie ) don't exist a newsletter is being sent to all subscribers.
