I'm looking for information about 'the best' encryption algorithm for encrypting cookies. I hava the following requirements: It must be fast encrypting and decrypting the data will be done for (nearly) every request It will operate on small data sets, typically strings of around 100 character or less It must be secure, but it's not li...
What is the best way to keep the user logged in when something like "third-party" cookies are disabled. I currently have a Facebook connect app (in only PHP) that works great when I have that checked in Firefox, but redirects to my login page when it's unchecked. Even Facebook's own sample application (therunaround) has the same problem ...
We're testing a web application using SilkTest 2008R2, and need to check the value of the cookies periodically. We currently use javascript via the ExecLine function: BrowserPage.ExecLine ("alert(document.cookie.split(';').join('/n'))", TRUE) and then just read the text off the resulting popup. This is somewhat errorprone. Is there...
I'm using the Context.Request.Cookies object to read/write cookies. I'm simply writing a single line of text that is delimited by tabs ('\t'). Immediately when I read back in the cookie through the Visual Studio 2008 debugger, the cookie object contains the string value, but all the tab characters are converted to spaces. When I publis...
After doing a bit of processing, I want to set a cookie value to user input and then redirect them to a new page. However, the cookie is not getting set. If I comment out the redirect, then the cookie is set successfully. I assume this is a header issue of some sort. What is the best workaround for this situation? if($form_submitted...
Hi, I need to read from an URL to String, and this is not a problem, but some sites demand for cookies to be enabled to provide content. So I need a way to get a content even if the cookies need to be accepted? Cheers ...
I've tried to research this mechanism but only find hints and these are not very consistent. How is the session _id sent to the browser and how is the browser instructed to return it when the user requests a new page? Thanks, Chris ...
What is the difference between a Session and a Cookie? What circumstances should each be used? ...
I wonder if there is a .NET library that mimics a browser in terms of HTTP transactions. In other words I am going to make multiple GET/POST requests and I want the cookies to be persisted to a storage, so that consecutive request will be identified by the remote host. AFAIK cURL has support for this functionality. ...
I am trying to write PHP code to delete all of the user cookies on my domain. Here is what I got: <?php $domain = 'www.example.com'; $deleteExpiration = time() - 60*60*24*365*10; // 10 years ago foreach (array_keys($_COOKIE) as $cookie) { setcookie($cookie, 0, $deleteExpiration, '/', $domain); } Running this code on http://www.ex...
I was told to always URL-encode a UTF-8 string before placing on a cookie. So when a CGI application reads this cookie, it has to URL-decode the string to get the original UTF-8 string. Is this the right way to handle UTF-8 characters in cookies? Is there a better way to do this? ...
I am interested on how to make a regular HttpCookie object into a cookie that expires at the end of a session. I am not interested in someone showing me HttpContext.Session. How does a session cookie look in the response headers compared to a normal cookie? How can I modify a HttpCookie to expire at the end of a session? Thanks! ...
I'm developing on my Mac notebook, I use MAMP. I'm trying to set a cookie with PHP, and I can't. I've left off the domain, I've tried using "\" for the domain. No luck. setcookie("username", "George", false, "/", false); setcookie("name","Joe"); I must be missing something obvious. I need a quick and simple solution to this. Is there...
I'm creating an application that will get the contents of a cookie storing a forms authentication ticket from .net. That part is done. In that ticket is an expiration time, by default 20 minutes. So the scenario is, a user logs in and is validated on the .net side. Then they are redirected to my PHP app. I get the username, ticket expi...
I am using Google Analytics and Google Website Optimizer together. On our development rig I suddenly realized that some cookies were set twice. The GA cookies: __utma __umtb __utmc __utmz where all set both by GWO and GA. I had only expected to see one set of these cookies. GWO set them with a dot in front of the domain name: .de...
I have a login link that fires a javascript function that calls a logout page. This is what the logout page consists of: If Response.Cookies.Count > 0 Then Response.Cookies("aLog").Value = Nothing Response.Cookies.Clear() End If Originally I just had cookies.clear in there, but that wasn't working. Here is the javascript th...
I'm wondering what the maximum size of a web browser's cookie's key is. I know the maximum size of a cookie is 4KB, but does the key have a limitation as well? Thanks! ...
i just installed wordpress (the latest) and im trying to study wordpress to make my creations secure like wordpress does or to its level. I noticed upon logging into wordpress, it created 3 cookies. what I'm trying to figure out is - after logging into wordpress and after it created the cookies for the user. the hash values that are i...
We are facing an issue where the following check fails intermittently in IE: pseudocode: setCookie("name","value", "1d"); if(getCookie("name") === "value"){ return SUCCESS; } else { return FAILURE; } this little routine checks if the user has cookies enabled. it shouldnt fail but it does. is it because IE can only handle a cert...
Hello I use php sessions (not cookies, except for session id cookie) for all user data, and when a user goes to their profile user.mydomain.com they are immediately "logged out" untill then remove the subdomain. Is there a way to accept sessions from all domains as long as its *.mydomain.com thanks! ...