469,643 Members | 1,486 Online
Bytes | Developer Community
New Post

Home Posts Topics Members FAQ

Post your question to a community of 469,643 developers. It's quick & easy.

Problem with querystrings and cookies

I've noticed a strange problem with setting cookies in ASP when the
cookie name you're setting exists in the querystring. The company I
work for has many partner sites who link to our site like this:
www.mycompany.com/partner.asp?PartnerID=??? The partner.asp page then
sets a cookie called PartnerID containing the value from the
querystring.

We have noticed, however, that if the partner calls the partner.asp
page and alters the capitalization of 'PartnerID' then another cookie
gets set which takes the capitalization of 'PartnerID' from the
querystring. All of the other asp pages in the site then seem to read
the first cookie set and thus it appears that the 'wrong' partner
settings are being used.

Has anyone experienced this problem before? Unfortunately altering the
cookie or querystring names would be a non-trivial task so this is not
an option at the moment.

Eifion
Jul 19 '05 #1
4 2203
How are you setting the cookie? Unless you're grabbing the name part from
the name/value pair in the querystring and using that as a cookie, the
cookie name will be whatever you set it as. Are you sure that you aren't
doing something like Request("partnerid") as opposed to
Request.QUERYSTRING("partnerid") or Request.COOKIES("partnerid")?

Ray at work

"Eifion" <ei**@btinternet.com> wrote in message
news:3f**************************@posting.google.c om...
I've noticed a strange problem with setting cookies in ASP when the
cookie name you're setting exists in the querystring. The company I
work for has many partner sites who link to our site like this:
www.mycompany.com/partner.asp?PartnerID=??? The partner.asp page then
sets a cookie called PartnerID containing the value from the
querystring.

We have noticed, however, that if the partner calls the partner.asp
page and alters the capitalization of 'PartnerID' then another cookie
gets set which takes the capitalization of 'PartnerID' from the
querystring. All of the other asp pages in the site then seem to read
the first cookie set and thus it appears that the 'wrong' partner
settings are being used.

Has anyone experienced this problem before? Unfortunately altering the
cookie or querystring names would be a non-trivial task so this is not
an option at the moment.

Eifion

Jul 19 '05 #2
Ray at <%=sLocation%> wrote:
How are you setting the cookie? Unless you're grabbing the name part from
the name/value pair in the querystring and using that as a cookie, the
cookie name will be whatever you set it as. Are you sure that you aren't
doing something like Request("partnerid") as opposed to
Request.QUERYSTRING("partnerid") or Request.COOKIES("partnerid")?


The code below reproduces the problem. If I go to
http://localhost/cookies.asp?Partner=ABC
I see 'Partner=ABC;' in the JavaScript cookie string. If I then go to
http://localhost/cookies.asp?Partner=DEF
then the cookie gets changed as expected. If I then try
http://localhost/cookies.asp?PArtner=GHI
then another Partner cookie gets appended to the querystring like this
Partner=DEF; ASPSESSIONIDSSAATSAT=LFFBLJKABHFOLLGDOCGOCKOI; PArtner=GHI

which gives two cookies with the same name (except for capitalisation).

Eifion

<%
strSource = Request.QueryString("Partner")
Response.Cookies("Partner") = strSource
%>
<Html>
<Head>
<Title></Title>
</Head>
<Body>
<script type="text/javascript">
document.write(document.cookie);
</script>
</Body>
</Html>
Jul 19 '05 #3
Although I never thought about if this would carry through to such code,
javascript is a case sensitive language. What are you doing with that
client side cookie code anyway?

Ray at work

"Eifion" <ei**@somedomainorother.yada> wrote in message
news:bo**********@hercules.btinternet.com...
Ray at <%=sLocation%> wrote:
How are you setting the cookie? Unless you're grabbing the name part from the name/value pair in the querystring and using that as a cookie, the
cookie name will be whatever you set it as. Are you sure that you aren't doing something like Request("partnerid") as opposed to
Request.QUERYSTRING("partnerid") or Request.COOKIES("partnerid")?


The code below reproduces the problem. If I go to
http://localhost/cookies.asp?Partner=ABC
I see 'Partner=ABC;' in the JavaScript cookie string. If I then go to
http://localhost/cookies.asp?Partner=DEF
then the cookie gets changed as expected. If I then try
http://localhost/cookies.asp?PArtner=GHI
then another Partner cookie gets appended to the querystring like this
Partner=DEF; ASPSESSIONIDSSAATSAT=LFFBLJKABHFOLLGDOCGOCKOI; PArtner=GHI

which gives two cookies with the same name (except for capitalisation).

Eifion

<%
strSource = Request.QueryString("Partner")
Response.Cookies("Partner") = strSource
%>
<Html>
<Head>
<Title></Title>
</Head>
<Body>
<script type="text/javascript">
document.write(document.cookie);
</script>
</Body>
</Html>

Jul 19 '05 #4
Nothing. The problem is that VBScript seems to get confused when reading
the cookies back on the server and sometimes gets the 'wrong' one when I
do a Request.Cookies("PartnerID"), ignoring the most recently set
partner cookie and choosing an earlier one.

Eifion

Ray at <%=sLocation%> wrote:
Although I never thought about if this would carry through to such code,
javascript is a case sensitive language. What are you doing with that
client side cookie code anyway?

Jul 19 '05 #5

This discussion thread is closed

Replies have been disabled for this discussion.

Similar topics

2 posts views Thread by Jan | last post: by
2 posts views Thread by Ian Sedwell | last post: by
reply views Thread by Urban Bettag | last post: by
reply views Thread by André | last post: by
1 post views Thread by maheshv | last post: by
reply views Thread by Jochen Hemberger | last post: by
3 posts views Thread by nabira | last post: by
3 posts views Thread by sewen | last post: by
reply views Thread by gheharukoh7 | last post: by
By using this site, you agree to our Privacy Policy and Terms of Use.