I'm not sure whether this belongs on StackOverflow or on ServerFault, so I've picked SO for as first go. A number of years ago, there was a highly visible discussion about mis-use of HTTP cookies, leading to various cookie filtering proxys and eventually to active cookie filtering in browsers like Firefox and Opera. Even now, Google wil...
I tried, to no avail! My problem is php's setcookie() fails in IE6. It's fully functioning (albeit buggy) for Firefox 3 and IE7/8. The following is the code. IE6 displays fail. Simple question: why? <? header('P3P: CP="DEV PSAi NAV STP DEM OTRo NOI IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"'); setcoo...
In python, I'm using httplib because it "keep-alive" the http connection (as oppose to urllib(2)). Now, I want to use cookielib with httplib but they seem to hate each other!! (no way to interface them together). Does anyone know of a solution to that problem? ...
Hi, If I have a site (e.g. foo.com) and on the home page of foo.com, there is a image request where the src=bar.com..., will the cookies on the bar.com domain be sent to the bar.com servers? Thanks! ...
Hi guys, does anyone know how Pandora saves user profiles/accounts after a user registers? How does it remember the user - even after the user has cleared cookies and cache. I also found today that if you register with one browser and visit Pandora.com with another browser you are recognized as the registered user. Awesome functiona...
I have a dev server in our office that is behind the firewall. The hostname is franklin. We name all our servers after scientists or inventors. When I set an HTTP cookie: Set-Cookie: user=kenny; expires=1245424860.11; Path=/; domain=franklin The cookie doesn't set. I have tried the following with no luck. .franklin .franklin.loc...
I go to a forum which was use vBulletin 3.8. When i login, i use firebug to see what cookies was set. I see those cookie: __utmb, __utmc, __utma, __utmz, bbsessionhash, vbseo_loggedin, bbpassword, bbuserid, bblastactivity, bblastvisit They all were set value, and those domain was same. But when i you javascript to see them, it only sa...
Can someone show me a simple way I can test if someone's cookies are not enabled in php? I want to create a test script to determine if the user can properly use my site. If they cannot, I will redirect them to a couple screen shots to show them what to change. I am only using $_SESSION[] variables, and I beleive that the only thing t...
Whats the best way to get around PHP's user agent matching for sessions without actually changing the global security setting? I can easily pass the session id from the page containing the swf into the swf. Note: This is for swfupload ...
Hello, Having an issue with ASP.NET, when trying to set a cookie on subdomain1.mydomain.com to be read by subdomain2.mydomain.com. "subdomain1" is an ASP.NET application running on IIS 6. "subdomain2" is an ASP Classic application running on IIS6. What I don't understand is that when I test my .NET page (below) in Firefox, it works. ...
I am looking for some code that will return me values if the user has JavaScript enabled or disabled, as well as cookies. I know this is probably easy to do, but my time constraints are so tight, it hurts. There has to be something out there using php that does this. Ideally I would love to find code that has a page setup with all the...
I'm having an issue using the Cookie class of the Servlet API 2.5 on Tomcat . I pull out the list of cookies from the HttpServletRequest object and iterate over them like so: Cookie[] cookies = request.getCookies(); for(Cookie cookie : cookies) { System.out.println("Name=" + cookie.getName() + " Domain=" + cookie.getDomain()); } Ho...
Or maybe i am doing it wrong, why are the cookies not being set when doing a Redirect? static void doLogin() { var req = HttpContext.Current.Request; ... user_cookie.set(userId, loginId); ... HttpContext.Current.Response.Redirect(req["returnLocation"]); } static public void set(long userId, long loginId) { var c...
I want to create a website that the login system shouldn't be handled by cookies, but on (a) table(s) in the local (on the server) SQL DB. Is there a way to do it? Even no partial way? What and where should I save instead of the cookie??? ...
I want to know if, when I make a $.post(...) with jQuery, does any cookie is sent to the server in the post request? Thanks! ...
Here's the set-up: I have a server-based application. So, all the data is on a server (call it server 'A') and users connect to that server using a desktop-based rich client. The rich client also allows the user to connect to some other server (call it 'X'), that is completely unrelated to server A. Question: The user has logged into ...
I have an app that is run from a compiled DLL on a web server. I need to do some Single Sign On (SSO) integration with the app, and the only way I can "inject" functionality, is to modify an external JavaScript file that gets referenced. In the JavaScript file are some code blocks to set cookies with the session ID of that App. I trie...
My site has the following url format: www.mysite.com/Display.aspx?ID=128 However most users see the url as www.mysite.com/Display.aspx?ID=128&AspxAutoDetectCookieSupport=1 How can I avoid &AspxAutoDetectCookieSupport=1 from appearing in the url. Is it to do something with cookie in web.config, but where? And what would be the implic...
We need to ensure that all cookies on a CF7 site are set as HttpOnly. We are using jsessionid to control our sessions, and JRun does not create this as HttpOnly. Whilst it is possible to modify an existing cookie to add this setting, we need to have it set to HttpOnly from the start. Any suggestions? Related Question: Setting Secure...
We have a site running on CF7 that has both logged in and logged out sections, and uses jsessionid for sessions. When switching to HTTPS (for the secure sections), we need to start a new secure session, setting the 'Secure' flag on the jsessionid cookie. Whilst JRun has an option for setting 'Secure' it appears to be an all-or-nothing ...