473,700 Members | 2,899 Online
Bytes | Software Development & Data Engineering Community
+ Post

Home Posts Topics Members FAQ

Cookie eater... Problem with IE6 & ASP.

I have a development website running on Win2K Server, using ASP 3.0. I'm
using IE6 (all updates added).

I have a cookie that is set on a login page, which is an Encrypted password:
Response.Cookie s("PWORD")=Encr yptedPassword

I then redirect to a page:

Response.Redire ct(GotoPage)

and on the page that is redirected, i look at the cookie:

Response.Write( Request.Cookies ("PWORD"))

the problem is, when I do the request.cookies , it is NOT encrypted. The only
code that ever sets this cookie is the one line that I showed above, and one
line to set it to "" when the user hits the Logout button.

why is my cookie showing up unencrypted? and how do I fixe this? it seems to
be specific to my machine... but it just started happening last friday - and
i did not update anything, when this started happening. ... i was just
looking at pages on the site.
Jul 19 '05 #1
4 2075
More Info:

When I do this:
Response.Write( Request.Serverv ariables("HTTP_ COOKIE"))
the results show my cookie in the proper encrypted form.

"Derick Bailey" <db*****@airsys co.com> wrote in message
news:u7******** ******@TK2MSFTN GP11.phx.gbl...
I have a development website running on Win2K Server, using ASP 3.0. I'm
using IE6 (all updates added).

I have a cookie that is set on a login page, which is an Encrypted password: Response.Cookie s("PWORD")=Encr yptedPassword

I then redirect to a page:

Response.Redire ct(GotoPage)

and on the page that is redirected, i look at the cookie:

Response.Write( Request.Cookies ("PWORD"))

the problem is, when I do the request.cookies , it is NOT encrypted. The only code that ever sets this cookie is the one line that I showed above, and one line to set it to "" when the user hits the Logout button.

why is my cookie showing up unencrypted? and how do I fixe this? it seems to be specific to my machine... but it just started happening last friday - and i did not update anything, when this started happening. ... i was just
looking at pages on the site.

Jul 19 '05 #2
Hi Derick,

Is it possible for EncryptedPasswo rd to return raw string without
Encryption? For example, there are some logical problem in the function? Is
there any some else code in your project which may change the cookie?
Additionally, if you clear the client cookie in IE and browse to the web
site again, will this fix the problem?

Luke
Microsoft Online Support

Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)

Jul 19 '05 #3
there is no logic used when reading the cookie, just
Request.Cookies ("PWORD")

deleting the cookie from my hard drive fixed it.

thanks.

"MSFT" <lu******@onlin e.microsoft.com > wrote in message
news:0Z******** ******@cpmsftng xa07.phx.gbl...
Hi Derick,

Is it possible for EncryptedPasswo rd to return raw string without
Encryption? For example, there are some logical problem in the function? Is there any some else code in your project which may change the cookie?
Additionally, if you clear the client cookie in IE and browse to the web
site again, will this fix the problem?

Luke
Microsoft Online Support

Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)

Jul 19 '05 #4
I suspect "response.cooki es("PWORD")" was written directly in your code
without Encryption. So the client cookie save on client disk without
Encryption. You may check your code to see if it is posible.

Luke
Microsoft Online Support

Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)

Jul 19 '05 #5

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

5
1534
by: Fred | last post by:
I've check all the info I can find on cookies and I have gotten some idea of how to set a cookie, set the expiration, and get the cookie value. But I need help bringing it all together to accomplish what I need to do. When someone first visits a signup page, I want them to see a popup that says they can sign up within the next 30 days without having to pay an appication fee. Then each time they revisit over the next 30
5
3312
by: brettr | last post by:
When I reference document.cookie, there is a long string of key=value; pairs listed. I may have 100 hundred cookies on my hard drive. However, most only have one key=value pair. Does the document.cookie variable combine all cookie key=value pairs? All of the examples I've seen discuss referencing a specific cookie. I don't see how this is done. Cookies are usually named by the domain. If I want to reference a specific cookie, do I...
3
11118
by: Wysiwyg | last post by:
After a server created cookie is processed on the client I want it removed, cleared, or expired in the javascript block but have been unable to do this. If I set a cookie value in the server code behind and don't use a domain then I can not change or remove that cookie's value on the client. If I subsequently create the cookie again in the codebehind then I actually end up with TWO cookies with the same name in the response. The cookie...
2
1471
by: Marty | last post by:
Something strange is happening on my web site since my hosting provider upgraded to Server 2003 a few weeks ago. I use forms authentication in my asp.net application, with essentially the following c# code-behind on my login page: If (FormsAuthentication.Authenticate(UserName.Text, UserPass.Text)) FormsAuthentication.RedirectFromLoginPage(UserName.Text, true); Note that the createPersistentCookie parameter is set to true.
17
4174
by: Bruno | last post by:
I have a feature that is hosted on a different domain from the primary one in a frame, and need to retain values in a cookie. example: A web page at one.com contains a frame which has a page hosted at two.com If I view the frameset from one.com in Firefox, all works well with the content from two.com. But if trying to view this using IE (with standard security settings), the cookie set by two.com is not accessible.
0
1255
by: dba123 | last post by:
I need to "tie together the cookie with the domain" by referencing the information from my web.config below in my login's codebhind. I don't understand how. I need to also save that after doing so: <add key="cookieDomainName" value=".test.com" /> <authentication mode="Forms"> <forms loginUrl="login.aspx" name="CH.COM.AUTH" path="/"/> </authentication>
1
2116
by: TokyoJ | last post by:
I use a popup / prompt requesting the visitor to enter a USERNAME so after the user clicks SUBMIT on the prompt all the pages in the site should greet the user with Hi, USERNAME. But there are two problems. 1. From another page in the site, when I return to the HOME page, the prompt reappears even though I've already entered a USERNAME. 2. The other pages don't greet the user. The Hi, USERNAME doesn't appear. Could someone offer some...
1
2064
by: Jan Danielsson | last post by:
Hello all, I'm sure I'm not using this right, but I don't understand what I'm doing wrong. What I want is to get all the cookies from the request, then extract the 'sessId' cookie. I'm using this code: ----------------- from mod_python import Cookie
1
1988
by: Hans | last post by:
Hi! I have a login page where I have three different ways to authenticate a user. 1. Use integrated authentication and read the server variable AUTH_USER and then verify if this is a valid user from a database. If OK I write some session cookies and then re-direct to another page placed in the same folder (which will read the cookie and verify that it is valid). This works OK.
0
8709
marktang
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look ! Part I. Meaning of...
0
8638
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it. First, let's disable language synchronization. With a Microsoft account, language settings sync across devices. To prevent any complications,...
0
9202
Oralloy
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed. This is as boiled down as I can make it. Here is my compilation command: g++-12 -std=c++20 -Wnarrowing bit_field.cpp Here is the code in...
0
8909
tracyyun
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
1
6555
isladogs
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules. He will explain when you may want to use classes instead of User Defined Types (UDT). For example, to manage the data in unbound forms. Adolph will...
0
5894
by: conductexam | last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one. At the time of converting from word file to html my equations which are in the word document file was convert into image. Globals.ThisAddIn.Application.ActiveDocument.Select();...
0
4649
by: adsilva | last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
1
3081
by: 6302768590 | last post by:
Hai team i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
2
2371
muto222
by: muto222 | last post by:
How can i add a mobile payment intergratation into php mysql website.

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.