views:

529

answers:

1

Hello,

for one of my customer's I implemented a site that displays a questionaire. The questions are pulled via JSONP from an MVC application running on a remote site.

In order to recognize the user I use the session. However, as the session id is not guaranteed to be the same on each request I store my own session Id in a session variable.

When the user vistits the site for the first time a session is created in the db and the session variable is set so that I can match the db sesssion with the user's session.

When browsing the site with Firefox everything works fine.

When I use IE 8 to display the site, the session gets reset on the second request to the service providing the questions. This behavior only occurs when the user uses the outside web. Internally, or while debugging the problem does not occur.

To make the error even more bizarre: At the beginning of February we tested the applicaiton using both, IE and Firefox. And everything went allright (both internall and externally).

So has anyone alredy encountered this behavior and can provide some insight into how it can be fixed?

PS: The application runs on IIS 6. PPS: I have a fix, however, this requires some recoding which I rather would like to avoid.

A: 

I think IE will only send a cookie back to where it come from, and that it is very strict in the internet zone about this type of thing. It is less strict in the “local” zone. Firefox may not be as strict.

The fact that IE protects the users privacy more by default is a double edged sword.

Ian Ringrose
Sounds promising, however, if I had only the time to test it. But, this explanation at least sounds sensible.
Obalix
@Ian Ringrose: It's more like a double edged sword of damocles from what I gather :-)
Obalix