We use FormAuthentication to manage logins and I have a case where a customer complains where he can login from one computer but to from another. I can see in my logs that his authentican is successfull but he gets bumped back to the login page. I can reproduce the symptons by disabling cookies so I asked the customer to test if cookie...
Hi, Is it possible to extend user's session expiration time in CI. What I want to do is, by default every user's session cookie lasts for example 1 day, but every time user visits the site his session expiration time is extended by one more day. I don't know if it is a good idea to do this, maybe I should just set cookies life time for...
How to check the what all properties(Secure,HttpOnly) are set for a cookie using Classic ASP or JavaSript? ...
G'day, I am developing server application with Ruby on Rails and I'd like to store session token in each request's body. For example {"token":"asdkjahsdoahgfblkasblbag"}. And I am stuck, really don't know how to configure authlogic to handle token from params, not via cookie. And how to prevent "set-cookie" header sending? Thanks, Ale...
I'm using the WebRequest object to post data to a login page, then post data to a seperate page on the same site. I am instantiating a CookieContainer and assigning it to the WebRequest object so that the cookies are handled. The problem is that I do not want to retain the cookie after I post data to the other page. How can I delete t...
I have the following code which pulls json data from an ASP.NET page and displays these as notifications. The code will also take a note of what's been pulled through and store it in an array to prevent it being shown again in the same session. I'm now trying to implement functionality so that when the user closes a message, it's ID is ...
For each user, I want to allow them to choose their preferences, such as which categories to show on their profile, which tags they want to see, etc. Would cookies be better than sessions because they don't expire when users logoff? ...
I am programmatcally accessing authenticated content in my CDN on Google App Engine, and it's returning a cookie that I'm supposed to store: {"set-cookie"=>"ACSID=cookie-hash; expires=Mon, 12-Apr-2010 01:56:06 GMT; path=/"} What do I do with that? This is my first time dealing with Cookies. I can put in the header of the next reques...
Quick yes/no - I'm building an AJAX application and some scripts require authentication. Can I read $_COOKIE['username'] and $_COOKIE['password'] on the server if the PHP script was called via XHR, whether that be $.get() or $.post()? Side question: Can it also set cookies? Is that considered "good practice"? ...
The task was to bypass login form on remote server with a session_id acquired through a call to server's web API. So that user wouldn't have to login twice. Since there's no way to set cookies for different domain. What we came up to was - put a little file on remote server, to which we pass encrypted session_id from hidden iframe and w...
I suppose there should be a way to set a cookie to be accessible from the entire domain nevermind from which directory you are setting the cookie. Say in mypage.com/blue/index.php y set the cookie "colour=blue;" this way: document.cookie = "colour" + "=" + "blue" + "; expires=" + expireDate.toGMTString() + "; path=/"; Usi...
We're creating a new consumer/public-facing ASP.Net web app. There are two concerns: --Use cookie or cookieless forms authentication? --If we decide not to use cookies at all, how would you store the data that would otherwise be stored in the cookie (Customer ID, AffiliateID, etc.). Does the ASP.Net authentication framework track s...
I have searched the web for this and couldn't find anything (well one remotely relevant post), so here I am. We have multiple ASP.NET apps in IIS 6 using Forms Authentication with dedicated path for each app. Since path is case sensitive it must match URL's path section exactly. However, because of an incorrect casing in IIS 6 Metabas...
When I retrieve the cookies in my java servlet, all of the values from getPath() are null. So if a cookie with the same name is set in directory /foo, and at the root directory, I retrieve two cookies with the same exact name, but I can't differentiate them because getPath() returns null for both. I looked in firebug and saw that firef...
Hello, I write a little Tool in C# with Visual Studio 2008. My Problem: I login to a website by HTTP-webrequest, I get an authentification cookie, thats all ok. Than I make a new HTTP-webrequest and add the cookies from the first request to call the next page where i can see my personal data. I see that the cookies will associated wi...
I have a strange bug that occurs in IE7/XP and IE8/Vista on my website. IE sends two cookies named PHPSESSID. How to reproduce: Clear cookies in IE (not necessary if you never visited unisender.com). Visit unisender.com (exactly without www to reproduce!) and it will redirect to www.unisender.com Login with any valid username and pass...
I'm using Apache 1.3 with mod_rewrite it doesn't support the cookie|CO flag for rewrites. The code bellow works fine in Apache 2.0 # Works fine with Apache 2.0 RewriteRule ^/$ http://www.example.com/rs/ [CO=name:value:.example.com:240:/,R=301] Is there a way to do the same with Apache 1.3? Can I use: Header set Set-Cookie "name=valu...
Anyone know how I can use httponly cookies for sessions and cookies on the app engine? In the javadoc for the Cookie class, http://java.sun.com/javaee/6/docs/api/javax/servlet/http/Cookie.html#setHttpOnly(boolean) , there is a setHttpOnly method. I get a compiler error when trying to use it when developing for app engine though. The...
I am trying to use PHP session without using cookies. I have enabled session.use_trans_sid and disabled session.use_cookies in my php.ini file. I have also disabled cookies in my firefox browser. Now, when I navigate between pages, I am unable to access the variable in the session object set from a previous page. BTW, I am aware that usi...
Hello, I am new to Javascript and Web development and I have a question regarding the document.location.href. I am using a cookie for storing the language the user prefers and then load the english or the swedish version depending on the language. The default language in the beginning is the same as the browser's language, and my index...