cookies

Can cookies be copied between machines to impersonate a user?

We have an application that among other things, checks the existence of a cookie and reads and decrypts the contents of the cookie. Though the data stored inside the cookie is not sensitive, it has been encrypted via TripleDes encryption. A question was raised today whether the cookie saved on a single PC, could be copied on to another P...

ASP.NET Cookie Expires value resets on Response.Redirect?

I have a script that reads a form and puts some info into a cookie: Dim oCookie as HttpCookie oCookie = New HttpCookie("authInfo") Select Case oResult Case "No ClientID", "No Password", "No PracType", "No Encrypt", "CRC Mismatch" oCookie.Values.Add("LoggedIn", "False") oCookie.Values.Add("OnSupport", "False") Case "Client Can Up...

Tracking users referral (PHP / MySQL)

Greetings, Is there any script that keep track users referral and set cookie on users referred so whenever they leave site and come back, it still will be count as referred by person.. thanks. ...

Cookie Problem in Python

I'm working on a simple HTML scraper for Hulu in python 2.6 and am having problems with logging on to my account. Here's my code so far: import urllib import urllib2 from cookielib import CookieJar #make a cookie and redirect handlers cookies = CookieJar() cookie_handler= urllib2.HTTPCookieProcessor(cookies) redirect_handler= urllib2....

asp.net cookies, authentication and session timeouts

I have an asp.net website that uses forms authentication. There are a few things I keep in sessions like username, userID, email, etc. I allow the user to stay logged into the website by setting a long expiration date on the authentication cookie. So it's very common for the session to expire while the user is still authenticated. The ...

Passing cookie data between iframes

Say I have a website, www.example.com, with a login box which sits in an iframe situated in api.example.com. My question is: Is it possible to pass cookie data from the inner iframe (api.example.com to the website, so the website knows when the user logged in? Is it possible to do this client-side, without the need to refresh the whole...

ASP MVC Cookies not persisting

I have a ASP MVC App with some seemingly simple code to save and retrieve cookies but for some reason they won't persist. The code in the controller is : if (System.Web.HttpContext.Current.Response.Cookies["CountryPreference"] == null) { HttpCookie cookie = new HttpCookie("CountryPreference"); cookie.Value = country; cookie....

ASP.NET User Profile vs using Cookies

I think, in almost all cases user preference data may be stored in a cookie with (almost) equally good results as when the User Profile API is used. Disadvantages of using cookies (for authenticated users) seem to be that a cookie can be deleted or time-out, in which case the user preference data will be lost. For anonymous users, if the...

Accessing third party cookies in Firefox

We're building a Facebook application here at work, using the iframe method. For the application to work, it needs to set cookies from within the iframe. Safari has third party cookies disabled by default, so we are currently redirecting the whole browser to our server, set the cookie required to track the session, and then redirect bac...

Any means of reading third party cookies from "friend" sites?

A recent question made me post this one. I'm working on a set of web pages that have some very simple user login, and store the user id in a cookie. Let's say that due to certain decisions which I'm in no position to overrule, the pages use several alternate domain names. I.e., the login page uses one domain name, and the page that shou...

When POSTing a form with URLRequest, how to include cookies from browser session?

(With reference to this answer:) When I POST with a URLRequest, does it automatically include cookies from the browser session in which Flash is hosted? If not, how can I make it include them, or if necessary retrieve them and include them myself? ...

Changing the browser preference from javascript

Dear All I'm having a problem with cookies, if the browser has cookies disabled, the cookie gets rejected. Is there a way enable cookies on the clients browser, that is compatible with IE, Firefox ,Opera and Chrome? ...

Why are request cookie poperties null or incorrect on ASP.NET postback?

I'm debugging the HttpContext.Current.Request.Cookie values in an ASP.NET web application, and finding the only property correctly populated is the Value. The Domain and Path are null, and the Expires value is set to DateTime.Min. ...

Flash+PHP+cookie

I want an animation play only once in the browser. If any user seen the movie and if goes to any other page or refresh(F5) and then come back on the animation page then animation should not play from start. I want to play it from another frame. I think it can be done by set cookie or somthing using javascript or php. Please anybody he...

Javascript bridge to Flash to store SO "cookies" within flash

After reading this on the question How do I uniquely identify computers visiting my web site? : A possibility is using flash cookies: Ubiquitous availability (95 percent of visitors will probably have flash) You can store more data per cookie (up to 100 KB) Shared across browsers, so more likely to uniquely identify a machin...

Why are two authentication cookies being created? One for www and the other without the www.

Hi, I'm having this problem with my dotnetnuke website where the .DOTNETNUKE cookie is being created twice, one for www.website.com and one for website.com. When a user logins in with a url of website.com and tries to access a page that is www.website.com it causes them to re-loggin with a new cookie for www.website.com. This results...

Can I use localhost as the domain when setting an HTTP cookie?

I am using a jQuery plugin to set cookies and when I use localhost for the domain it will not store the cookie. Here is the plugin I am using with jQuery 1.2.6. http://www.stilbuero.de/2006/09/17/cookie-plugin-for-jquery/ Below is the code that I am using. You can see it does not like localhost, and I am running it from a development ...

PHP session seemingly not working

Session variables are apparently not working for me. I don't know what I'm doing wrong. This is the code that I'm using to check for a valid password: if ($input_password_hash == $password_hash) { session_start(); $_SESSION['is_user'] = 1; header("Location: ../new_look"); //or Location: index.php } else echo "Wrong password."; ...

How can flash pass J2EE authentication - it can't send a cookie containing jsessionid

We have a web page of a J2EE application, in which the user signs-in to the application. It contains a flash widget that needs to call services in the server, using the session that the user created. The web page passes the jsessionid to the flash widget, in order for the flash to use it to pass the authentication. However, the flash p...

Is it possible to set a cookie for a site /server other than you own?

Here's the quick version of my question: Is it possible to set a cookie somehow into a client's browser when the cookie is for use with a different server (in this case an Exchange mail server)? In this scenario the server trying to set the cookie is at "intranet.myschool.edu" and the exchange server is at "owa_server.myschool.edu". ...