session-cookies

Any recent changes to IE session cookies?

Hi All, I have a PHP site that uses a fairly common authentication scheme. The entire login area requires ssl. A user enters their username and pw, if they match the db, a session is started and a value set for them. If they try to visit a page that requires authentication, it checks to see if that value is present in the session, and...

Reason to rename ASP.NET Session Cookie Name?

Hello, is there any reason (safety?) why someone should rename the ASP.NET Session Cookie Name or is it just a senseless option of ASP.NET? ...

Instantiate ASP.NET Session from Session Cookie

Hello, is it possible to instantiate a session from a session cookie? I have a scenario, where (due to pipeline) I have the cookie available, but I my ASP.NET Http Context did not construct the Context.Session object yet. Can I do this manually, referencing the cookie or its contents somehow? ...

session-cookies is not expiring

I used frames in my application. After 60 mins if i press any link or refresh the frame its taking me to login screen since the cookie got expired. But When I press refresh (f5) even after 60 minutes it is still keeping the login cookies alive and can access all pages. ...

Cross Server Cookies, PHP

Hi, We have 2 web servers, one secure and one normal. Is it possible to set a cookie like this setcookie("basket[id]", $newID, time()+60*60*24, "/", SITE_URL, 0, true); setcookie("basket[id]", $newID, time()+60*60*24, "/", SECURE_SITE_URL, 1, false); Where SITE_URL = www.sitename.com SECURE_SITE_URL = xxxxx.securesitename.com ...

i recieved warning when set cookie

i used mvc concept for my project... i can set cookies index page... but i can not set cookies in view page,,, i received the following warning... Warning: Cannot modify header information - headers already sent by... thanks advance ...

iphone bookmarklet cookie persistence

I have an iphone (jqtouch based) web app that uses cookies for authentication. The use flow is as follows : user goes to the mobile landing page and is instructed to save the page as a bookmarklet on their home page. they launch the bookmarklet to go to a login page to login and get a cookie. the cookie works and they can navigate thr...

WWW::Mechanize Perl login only works after relaunch

Hello, I'm trying to login automatically in a website using Perl with WWW::Mechanize. What I do is: $bot = WWW::Mechanize->new(); $bot->cookie_jar( HTTP::Cookies->new( file => "cookies.txt", autosave => 1, ignore_discard => 1, ) ); $response = $bot->get( 'http://blah...

Google Analytics - Goals - Advanced Segments - Does it keep cookies for tracking visitors?

Hi there, I am working with Google Analytics - Goals and Funnels for quite sometime, but one thing is is not clear for me. I would very much appreciate if you could help me. We are advertising on several sites rotating several different ads. Our main goal is to collect as many sign-ups (new users) as possible for as low price as possib...

Page Rendering occurs blank page because of Old Cookie

Hi! I am developing application using J2EE (JSF,RichFaces, Jetty/Glashfish). Sometimes when I click on some link I get nothing returned to the browser at all (blank page). But when i refresh the page all contents appears in page. After some trail and error i found that it is cookies problem: It happens bez some old cookie not deleted ...

Prevent PHP from sending the PHPSESSID cookie with requests?

I am serving dynamic image content which is generated by PHP. But for such requests to a .php file, the PHPSESSID cookie is being sent along, which is a waste. Is it possible to prevent PHP from sending this cookie with requests to a PHP file? Or is it completely necessary for PHP to work? Thanks for your time! ...

Sessions and cookies

I currently have a website that allows my visitors to login via a simple script i've pasted together and wrote. Currently I only use sessions to keep visitors logged in. Are there any advantages to adding cookies to my website to store user logged in status? Or is there a better way altogether? using PHP ...

Using the same cookie in two logins

Hi everyone, I need your help I've a MVC project that uses Jquery, where I've implemented a mechanism of "Remember Me" using cookies to save, clear and retrieve the login and password. I also have two screens where the user does the login. I want that both logins manipulate the same cookie. I've got to implement it, but I've realized ...

Recreating Cookies on another Domain

Hi, I have a site on A.com and an iframe on B.com which reads info from A.com. I realize that there is some problems with third party cookies, iframes and P3P - particularly in Safari [my problem] Is it possible to instead, use AJAX or a hidden iFrame to pass the cookie information from A.com to B.com which will then "recreate" anothe...

Servlet Session - switch from URL Rewriting to Cookie

Situation: I have a "dumb" Javascript frontend that can contact some kind of SSO middleware (MW). The MW can obtain sessions by issuing requests that contain authentication credentials (username, password). I.e. the session will be created for a certain user. My frontend needs to "restart" the session to gain the user's permissions to t...

Setting HTTPONLY for Classic Asp Session Cookie

Hello all, Does anyone know exactly how to set HTTPONLY on classic ASP session cookies? This is the final thing that's been flagged in a vulnerability scan and needs fixing ASAP, so any help is appreciated. ~~~A LITTLE MORE INFORMATION ON MY PROBLEM~~~ Can anyone please help me with this? I need to know how to set HTTPONLY on the AS...

PHP Session Management, Counting Users With Cookie

I want to, upon loading the page, store a cookie in the user's browser. Then, using AJAX, count the number of users with that cookie and send it off to a database row every 1 second or so. How is this accomplished? ...

Where does IE store the ASP.NET_SessionId cookie?

I am a bit baffled here; using IE7, ASP.NET 2.0 and Cassini (the VS built-in web server; although the same thing seems to be true for "real" applications deployed in IIS) I am looking for the session-id-cookie. My test page shows a session id (by printing out Session.SessionId) and Response.Cookies.Keys contains ASP.NET_SessionId. So fa...

How should I implement session storage on node.js

I'm creating josi, a web framework for node.js. And I'd like to add session storage. What would be the best way to implement this? I'm assuming it probably has to be cookie based, but I'm interested in knowing if any other frameworks have a different approach. ...

CSRF vulnerability / cookies question

Just want to get input from people who know. I was considering CSRF vulnerabilities, and the seemingly the most popular method I know to fight against it. That method is to create a token in the returned html and adding a cookie with the same value. So if a script tries to do a post they would have to guess the token thats embedded in th...