473,545 Members | 2,812 Online
Bytes | Software Development & Data Engineering Community
+ Post

Home Posts Topics Members FAQ

Cookie eater... Problem with IE6 & ASP.

I have a development website running on Win2K Server, using ASP 3.0. I'm
using IE6 (all updates added).

I have a cookie that is set on a login page, which is an Encrypted password:
Response.Cookie s("PWORD")=Encr yptedPassword

I then redirect to a page:

Response.Redire ct(GotoPage)

and on the page that is redirected, i look at the cookie:

Response.Write( Request.Cookies ("PWORD"))

the problem is, when I do the request.cookies , it is NOT encrypted. The only
code that ever sets this cookie is the one line that I showed above, and one
line to set it to "" when the user hits the Logout button.

why is my cookie showing up unencrypted? and how do I fixe this? it seems to
be specific to my machine... but it just started happening last friday - and
i did not update anything, when this started happening. ... i was just
looking at pages on the site.
Jul 19 '05 #1
4 2061
More Info:

When I do this:
Response.Write( Request.Serverv ariables("HTTP_ COOKIE"))
the results show my cookie in the proper encrypted form.

"Derick Bailey" <db*****@airsys co.com> wrote in message
news:u7******** ******@TK2MSFTN GP11.phx.gbl...
I have a development website running on Win2K Server, using ASP 3.0. I'm
using IE6 (all updates added).

I have a cookie that is set on a login page, which is an Encrypted password: Response.Cookie s("PWORD")=Encr yptedPassword

I then redirect to a page:

Response.Redire ct(GotoPage)

and on the page that is redirected, i look at the cookie:

Response.Write( Request.Cookies ("PWORD"))

the problem is, when I do the request.cookies , it is NOT encrypted. The only code that ever sets this cookie is the one line that I showed above, and one line to set it to "" when the user hits the Logout button.

why is my cookie showing up unencrypted? and how do I fixe this? it seems to be specific to my machine... but it just started happening last friday - and i did not update anything, when this started happening. ... i was just
looking at pages on the site.

Jul 19 '05 #2
Hi Derick,

Is it possible for EncryptedPasswo rd to return raw string without
Encryption? For example, there are some logical problem in the function? Is
there any some else code in your project which may change the cookie?
Additionally, if you clear the client cookie in IE and browse to the web
site again, will this fix the problem?

Luke
Microsoft Online Support

Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)

Jul 19 '05 #3
there is no logic used when reading the cookie, just
Request.Cookies ("PWORD")

deleting the cookie from my hard drive fixed it.

thanks.

"MSFT" <lu******@onlin e.microsoft.com > wrote in message
news:0Z******** ******@cpmsftng xa07.phx.gbl...
Hi Derick,

Is it possible for EncryptedPasswo rd to return raw string without
Encryption? For example, there are some logical problem in the function? Is there any some else code in your project which may change the cookie?
Additionally, if you clear the client cookie in IE and browse to the web
site again, will this fix the problem?

Luke
Microsoft Online Support

Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)

Jul 19 '05 #4
I suspect "response.cooki es("PWORD")" was written directly in your code
without Encryption. So the client cookie save on client disk without
Encryption. You may check your code to see if it is posible.

Luke
Microsoft Online Support

Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)

Jul 19 '05 #5

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

5
1528
by: Fred | last post by:
I've check all the info I can find on cookies and I have gotten some idea of how to set a cookie, set the expiration, and get the cookie value. But I need help bringing it all together to accomplish what I need to do. When someone first visits a signup page, I want them to see a popup that says they can sign up within the next 30 days...
5
3305
by: brettr | last post by:
When I reference document.cookie, there is a long string of key=value; pairs listed. I may have 100 hundred cookies on my hard drive. However, most only have one key=value pair. Does the document.cookie variable combine all cookie key=value pairs? All of the examples I've seen discuss referencing a specific cookie. I don't see how this is...
3
11105
by: Wysiwyg | last post by:
After a server created cookie is processed on the client I want it removed, cleared, or expired in the javascript block but have been unable to do this. If I set a cookie value in the server code behind and don't use a domain then I can not change or remove that cookie's value on the client. If I subsequently create the cookie again in the...
2
1468
by: Marty | last post by:
Something strange is happening on my web site since my hosting provider upgraded to Server 2003 a few weeks ago. I use forms authentication in my asp.net application, with essentially the following c# code-behind on my login page: If (FormsAuthentication.Authenticate(UserName.Text, UserPass.Text))...
17
4160
by: Bruno | last post by:
I have a feature that is hosted on a different domain from the primary one in a frame, and need to retain values in a cookie. example: A web page at one.com contains a frame which has a page hosted at two.com If I view the frameset from one.com in Firefox, all works well with the content from two.com. But if trying to view this using IE...
0
1250
by: dba123 | last post by:
I need to "tie together the cookie with the domain" by referencing the information from my web.config below in my login's codebhind. I don't understand how. I need to also save that after doing so: <add key="cookieDomainName" value=".test.com" /> <authentication mode="Forms"> <forms loginUrl="login.aspx" name="CH.COM.AUTH"...
1
2112
by: TokyoJ | last post by:
I use a popup / prompt requesting the visitor to enter a USERNAME so after the user clicks SUBMIT on the prompt all the pages in the site should greet the user with Hi, USERNAME. But there are two problems. 1. From another page in the site, when I return to the HOME page, the prompt reappears even though I've already entered a USERNAME. 2....
1
2061
by: Jan Danielsson | last post by:
Hello all, I'm sure I'm not using this right, but I don't understand what I'm doing wrong. What I want is to get all the cookies from the request, then extract the 'sessId' cookie. I'm using this code: ----------------- from mod_python import Cookie
1
1981
by: Hans | last post by:
Hi! I have a login page where I have three different ways to authenticate a user. 1. Use integrated authentication and read the server variable AUTH_USER and then verify if this is a valid user from a database. If OK I write some session cookies and then re-direct to another page placed in the same folder (which will read the cookie and...
0
7502
marktang
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main...
0
7692
Oralloy
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed. This is as boiled down as I can make it. ...
1
7457
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For...
1
5360
isladogs
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules. He will explain when you may want to use classes...
0
5078
by: conductexam | last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one. At the time of converting from word file to html my equations which are in the word document file was convert...
0
3491
by: TSSRALBI | last post by:
Hello I'm a network technician in training and I need your help. I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs. The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols. I succeeded, with both firewalls in...
1
1921
by: 6302768590 | last post by:
Hai team i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
1
1045
muto222
by: muto222 | last post by:
How can i add a mobile payment intergratation into php mysql website.
0
744
bsmnconsultancy
by: bsmnconsultancy | last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.