views:

451

answers:

1

I have a login control which authenticates (form authentication), but not using https/ssl. I figured out that it was the cookie path. I know it's case sensitive, so I set it to /newYork, which is exactly the way the directory name is cased (OS is Vista), but the authentication didn't work under https. I set it to /newyork and the authentication worked under https. I'm just wondering why this worked. In https, does the set cookie work differently?

+2  A: 

The cookie path is case-sensitive:

http://support.microsoft.com/kb/313116

it is also normalized to lower case.

x0n
+1 Good to know!
o.k.w