By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
457,734 Members | 880 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 457,734 IT Pros & Developers. It's quick & easy.

Problem with querystrings and cookies

P: n/a
I've noticed a strange problem with setting cookies in ASP when the
cookie name you're setting exists in the querystring. The company I
work for has many partner sites who link to our site like this:
www.mycompany.com/partner.asp?PartnerID=??? The partner.asp page then
sets a cookie called PartnerID containing the value from the
querystring.

We have noticed, however, that if the partner calls the partner.asp
page and alters the capitalization of 'PartnerID' then another cookie
gets set which takes the capitalization of 'PartnerID' from the
querystring. All of the other asp pages in the site then seem to read
the first cookie set and thus it appears that the 'wrong' partner
settings are being used.

Has anyone experienced this problem before? Unfortunately altering the
cookie or querystring names would be a non-trivial task so this is not
an option at the moment.

Eifion
Jul 19 '05 #1
Share this Question
Share on Google+
4 Replies


P: n/a
How are you setting the cookie? Unless you're grabbing the name part from
the name/value pair in the querystring and using that as a cookie, the
cookie name will be whatever you set it as. Are you sure that you aren't
doing something like Request("partnerid") as opposed to
Request.QUERYSTRING("partnerid") or Request.COOKIES("partnerid")?

Ray at work

"Eifion" <ei**@btinternet.com> wrote in message
news:3f**************************@posting.google.c om...
I've noticed a strange problem with setting cookies in ASP when the
cookie name you're setting exists in the querystring. The company I
work for has many partner sites who link to our site like this:
www.mycompany.com/partner.asp?PartnerID=??? The partner.asp page then
sets a cookie called PartnerID containing the value from the
querystring.

We have noticed, however, that if the partner calls the partner.asp
page and alters the capitalization of 'PartnerID' then another cookie
gets set which takes the capitalization of 'PartnerID' from the
querystring. All of the other asp pages in the site then seem to read
the first cookie set and thus it appears that the 'wrong' partner
settings are being used.

Has anyone experienced this problem before? Unfortunately altering the
cookie or querystring names would be a non-trivial task so this is not
an option at the moment.

Eifion

Jul 19 '05 #2

P: n/a
Ray at <%=sLocation%> wrote:
How are you setting the cookie? Unless you're grabbing the name part from
the name/value pair in the querystring and using that as a cookie, the
cookie name will be whatever you set it as. Are you sure that you aren't
doing something like Request("partnerid") as opposed to
Request.QUERYSTRING("partnerid") or Request.COOKIES("partnerid")?


The code below reproduces the problem. If I go to
http://localhost/cookies.asp?Partner=ABC
I see 'Partner=ABC;' in the JavaScript cookie string. If I then go to
http://localhost/cookies.asp?Partner=DEF
then the cookie gets changed as expected. If I then try
http://localhost/cookies.asp?PArtner=GHI
then another Partner cookie gets appended to the querystring like this
Partner=DEF; ASPSESSIONIDSSAATSAT=LFFBLJKABHFOLLGDOCGOCKOI; PArtner=GHI

which gives two cookies with the same name (except for capitalisation).

Eifion

<%
strSource = Request.QueryString("Partner")
Response.Cookies("Partner") = strSource
%>
<Html>
<Head>
<Title></Title>
</Head>
<Body>
<script type="text/javascript">
document.write(document.cookie);
</script>
</Body>
</Html>
Jul 19 '05 #3

P: n/a
Although I never thought about if this would carry through to such code,
javascript is a case sensitive language. What are you doing with that
client side cookie code anyway?

Ray at work

"Eifion" <ei**@somedomainorother.yada> wrote in message
news:bo**********@hercules.btinternet.com...
Ray at <%=sLocation%> wrote:
How are you setting the cookie? Unless you're grabbing the name part from the name/value pair in the querystring and using that as a cookie, the
cookie name will be whatever you set it as. Are you sure that you aren't doing something like Request("partnerid") as opposed to
Request.QUERYSTRING("partnerid") or Request.COOKIES("partnerid")?


The code below reproduces the problem. If I go to
http://localhost/cookies.asp?Partner=ABC
I see 'Partner=ABC;' in the JavaScript cookie string. If I then go to
http://localhost/cookies.asp?Partner=DEF
then the cookie gets changed as expected. If I then try
http://localhost/cookies.asp?PArtner=GHI
then another Partner cookie gets appended to the querystring like this
Partner=DEF; ASPSESSIONIDSSAATSAT=LFFBLJKABHFOLLGDOCGOCKOI; PArtner=GHI

which gives two cookies with the same name (except for capitalisation).

Eifion

<%
strSource = Request.QueryString("Partner")
Response.Cookies("Partner") = strSource
%>
<Html>
<Head>
<Title></Title>
</Head>
<Body>
<script type="text/javascript">
document.write(document.cookie);
</script>
</Body>
</Html>

Jul 19 '05 #4

P: n/a
Nothing. The problem is that VBScript seems to get confused when reading
the cookies back on the server and sometimes gets the 'wrong' one when I
do a Request.Cookies("PartnerID"), ignoring the most recently set
partner cookie and choosing an earlier one.

Eifion

Ray at <%=sLocation%> wrote:
Although I never thought about if this would carry through to such code,
javascript is a case sensitive language. What are you doing with that
client side cookie code anyway?

Jul 19 '05 #5

This discussion thread is closed

Replies have been disabled for this discussion.