By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
449,309 Members | 2,035 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 449,309 IT Pros & Developers. It's quick & easy.

URGENT: Strange Cookie Problem! Production App is Failing!

P: n/a
Gentlemen, your urgent help is needed in solving a STRANGE problem.

I have two servers a dev box, and a production box. On the dev box
everything works fine, in production it hoses:

One of the things a user can do is click a "Change region" link which takes
them to a map of the world. They can then select one of four regions.

When they select a region it takes them to a page which reads a variable and
then sets a cookie which is then referenced throughout the site.

like: cds.asp?r=0 (0,1,2,3 are the valid valies)

NOW I'm not asking you to debug code, as I am POSITIVE it has nothing to do
with that and here's why:

DEV BOX Running:
- Default FTP (All IPs)
- Default SMTP (All IPs)
- Default NNTP (All IPs)
- Default Web Server (IP-1:80)
- New Web Server (IP-2:80)
- New Web Server - Back Door (IP-1:88)
* IP-1 and IP-2 are assigned to the same network card, there is no second
NIC.

All three web servers are pointing at the same physical directory. (The
reason is irrelevant, but if you must know it's because we're using a
security ISAPI filter which screws up Front Page Extensions. SO the second
IP allows FP to connect and the back door allows a script to run)

If I hit the Default Web Server the cookies are updated and everything
changes fine.
If I hit "New Web Server - Back Door" or "New Web Server" the cookie appears
to get updated on the page doing the work (I checked by printing both the
variable and the request.cookie) but then is not for any other pages
referencing it.

My Production server is set up in much the same way.
Jul 19 '05 #1
Share this Question
Share on Google+
10 Replies


P: n/a
PS - The servers are running NT 4.0
Jul 19 '05 #2

P: n/a
Do any of the machines have underscores in their name? For other
possibilities see
http://www.aspfaq.com/2157

--
Aaron Bertrand
SQL Server MVP
http://www.aspfaq.com/


"Tony Archer" <me@_N05PAM_tonyarcher.com> wrote in message
news:ef**************@TK2MSFTNGP11.phx.gbl...
Gentlemen, your urgent help is needed in solving a STRANGE problem.

I have two servers a dev box, and a production box. On the dev box
everything works fine, in production it hoses:

One of the things a user can do is click a "Change region" link which takes them to a map of the world. They can then select one of four regions.

When they select a region it takes them to a page which reads a variable and then sets a cookie which is then referenced throughout the site.

like: cds.asp?r=0 (0,1,2,3 are the valid valies)

NOW I'm not asking you to debug code, as I am POSITIVE it has nothing to do with that and here's why:

DEV BOX Running:
- Default FTP (All IPs)
- Default SMTP (All IPs)
- Default NNTP (All IPs)
- Default Web Server (IP-1:80)
- New Web Server (IP-2:80)
- New Web Server - Back Door (IP-1:88)
* IP-1 and IP-2 are assigned to the same network card, there is no second
NIC.

All three web servers are pointing at the same physical directory. (The
reason is irrelevant, but if you must know it's because we're using a
security ISAPI filter which screws up Front Page Extensions. SO the second IP allows FP to connect and the back door allows a script to run)

If I hit the Default Web Server the cookies are updated and everything
changes fine.
If I hit "New Web Server - Back Door" or "New Web Server" the cookie appears to get updated on the page doing the work (I checked by printing both the
variable and the request.cookie) but then is not for any other pages
referencing it.

My Production server is set up in much the same way.

Jul 19 '05 #3

P: n/a
Nope. It's just one cookie being used. Called "CDSRegion"

Here is the code. But again. It works fine if I browse the site using the
default web server, but NOT if I hit the SAME files from a different IP or
port.

<% Response.Buffer = TRUE %>
<%
Dim sFullPageLink

CDS_Region = Request.QueryString("r")

IF CDS_Region = "" THEN
CDS_Region = Request.Cookies("CDSRegion")
ELSE
Response.Cookies("CDSRegion") = CDS_Region
Response.Cookies("CDSRegion").Expires = DateAdd("m", 1, Date)
END IF
%>

Other pages then try to:

CDS_Region = Request.Cookies("CDSRegion")

"Aaron Bertrand - MVP" <aa***@TRASHaspfaq.com> wrote in message
news:eh**************@tk2msftngp13.phx.gbl...
Do any of the machines have underscores in their name? For other
possibilities see
http://www.aspfaq.com/2157

--
Aaron Bertrand
SQL Server MVP
http://www.aspfaq.com/

Jul 19 '05 #4

P: n/a
None of the other possibilities in the article are true for me.

Any other ideas?

"Aaron Bertrand - MVP" <aa***@TRASHaspfaq.com> wrote in message
news:eh**************@tk2msftngp13.phx.gbl...
Do any of the machines have underscores in their name? For other
possibilities see
http://www.aspfaq.com/2157

--
Aaron Bertrand
SQL Server MVP
http://www.aspfaq.com/

Jul 19 '05 #5

P: n/a
> Nope. It's just one cookie being used.

What question are you answering here? I asked about MACHINES (e.g.
SERVERS), not cookies.

Did you investigate the other bullet points at http://www.aspfaq.com/2157?
If your code is correct, I'd be very surprised if this isn't being caused by
one (or more) of those reasons...

--
Aaron Bertrand
SQL Server MVP
http://www.aspfaq.com/
Jul 19 '05 #6

P: n/a
When you go from one site to the other, does the lower right icon change
from Trusted Sites to something else, or vice versa?

Does it all work using a downgraded browser, e.g. IE 5.0 or Netscape?

--
Aaron Bertrand
SQL Server MVP
http://www.aspfaq.com/


"Tony Archer" <me@_N05PAM_tonyarcher.com> wrote in message
news:ey**************@TK2MSFTNGP12.phx.gbl...
None of the other possibilities in the article are true for me.

Any other ideas?

"Aaron Bertrand - MVP" <aa***@TRASHaspfaq.com> wrote in message
news:eh**************@tk2msftngp13.phx.gbl...
Do any of the machines have underscores in their name? For other
possibilities see
http://www.aspfaq.com/2157

--
Aaron Bertrand
SQL Server MVP
http://www.aspfaq.com/


Jul 19 '05 #7

P: n/a
Doh!

Answered the wrong question. No, the machine names have no underscores in
the names.

Just to be sure I don't miss any:

1.. Make sure cookies are enabled in your browser - session variables
require cookies.

*THEY ARE
2.. If you are using IE 6.0, the new privacy policy settings might be
biting you in the rear. You will need to read up on P3P, and discover how IE
is affected in KB #293222.

* HAPPENS REGARDLESS OF IE 5.5 or 6.0

3.. If you are using IE 5.5 or IE 6.0, and your local server name has an
underscore or other non-alphanumeric character (other than a dash) in the
name, then cookies will not work correctly. One workaround is to access the
machine by IP address; others include renaming the server or at least adding
an entry to the clients' hosts files, or alter your local DNS/WINS, or add a
new host header to the web server, with a more friendly name. For more info,
see KB #312461 and KB #316112.

*NO UNDERSCORES IN NAME
4.. Make sure you haven't disabled session state in Internet Services
Manager, and that it has an appropriate timeout value:

* IT IS ENABLED AND SET TO 20 (DEFAULT)
5.. Check that you aren't expecting to maintain session variables across:

* I AM NOT.

6.. If you are relying on session or application variables created in
global.asa, make sure that global.asa is in fact firing (see Article #2076).

* I AM NOT.
7.. If you are running McAfee, it may be scanning global.asa constantly,
and preventing your application from behaving consistently (see KB #303881)

*I AM NOT.

8.. Finally, check to see that you aren't manually disabling the user's
session, either by a coding/logic/database error, a misplaced <%@
ENABLESESSIONSTATE = False %> (which will affect a specific page), or an
errant session.timeout value (which will affect all pages).

*I AM NOT.
"Aaron Bertrand - MVP" <aa***@TRASHaspfaq.com> wrote in message
news:OY****************@TK2MSFTNGP12.phx.gbl...
Nope. It's just one cookie being used.
What question are you answering here? I asked about MACHINES (e.g.
SERVERS), not cookies.

Did you investigate the other bullet points at http://www.aspfaq.com/2157?
If your code is correct, I'd be very surprised if this isn't being caused

by one (or more) of those reasons...

--
Aaron Bertrand
SQL Server MVP
http://www.aspfaq.com/

Jul 19 '05 #8

P: n/a
No, it stays "Internet" the entire time, regardless.

Same issue using Opera to browse.

My personal feeling is that it has to do with how the path for the cookie is
being stored. My bet is that IIS is for some reason sending the default web
server as the path and then when it comes time to read the cookie it cannot
find it under the name it is looking for.

--Tony
"Aaron Bertrand - MVP" <aa***@TRASHaspfaq.com> wrote in message
news:%2****************@TK2MSFTNGP12.phx.gbl...
When you go from one site to the other, does the lower right icon change
from Trusted Sites to something else, or vice versa?

Does it all work using a downgraded browser, e.g. IE 5.0 or Netscape?

--
Aaron Bertrand
SQL Server MVP
http://www.aspfaq.com/


"Tony Archer" <me@_N05PAM_tonyarcher.com> wrote in message
news:ey**************@TK2MSFTNGP12.phx.gbl...
None of the other possibilities in the article are true for me.

Any other ideas?

"Aaron Bertrand - MVP" <aa***@TRASHaspfaq.com> wrote in message
news:eh**************@tk2msftngp13.phx.gbl...
Do any of the machines have underscores in their name? For other
possibilities see
http://www.aspfaq.com/2157

--
Aaron Bertrand
SQL Server MVP
http://www.aspfaq.com/



Jul 19 '05 #9

P: n/a
Maybe I've been asking the wrong questions. I was assuming that the same
code, on each server, was behaving differently, depending on the server.

Now, it's my impression that you are setting a cookie on IP-1, and expecting
to read it on IP-2, or IP-1:different port #?

--
Aaron Bertrand
SQL Server MVP
http://www.aspfaq.com/


"Tony Archer" <me@_N05PAM_tonyarcher.com> wrote in message
news:#V**************@TK2MSFTNGP12.phx.gbl...
No, it stays "Internet" the entire time, regardless.

Same issue using Opera to browse.

My personal feeling is that it has to do with how the path for the cookie is being stored. My bet is that IIS is for some reason sending the default web server as the path and then when it comes time to read the cookie it cannot find it under the name it is looking for.

--Tony

Jul 19 '05 #10

P: n/a
Nope. Your first was correct.

If I hit the code on IP-1 I expect to see it on IP-1

If I hit the code on IP-2 I expect to see it on IP-2

The code sets the cookie when you hit it 1st and then reads it thereafter.
I am not changing IPs or ports half way through the site. If you come in on
IP-1:80 then you stay there, if you come in on IP-1:88 then you stay there,
if you come in on IP-2:80 then you stay there.

(otherwise my answer to question 5 would have to be "Oops, there's the
problem," but it isn't :P)

I also realize that you are used to dealing with people who usually aren't
.... well ... thorough. But I am :)

I based my conclusion below on this article:
http://support.microsoft.com/?id=324337

Although it doesn't seem to match exactly the problem I'm having. Also,
trying their code of:

Response.Cookies("TestCookie").Path = "/"

Didn't solve anything either :(

"Aaron Bertrand - MVP" <aa***@TRASHaspfaq.com> wrote in message
news:eT**************@TK2MSFTNGP09.phx.gbl...
Maybe I've been asking the wrong questions. I was assuming that the same
code, on each server, was behaving differently, depending on the server.

Now, it's my impression that you are setting a cookie on IP-1, and expecting to read it on IP-2, or IP-1:different port #?

--
Aaron Bertrand
SQL Server MVP
http://www.aspfaq.com/


"Tony Archer" <me@_N05PAM_tonyarcher.com> wrote in message
news:#V**************@TK2MSFTNGP12.phx.gbl...
No, it stays "Internet" the entire time, regardless.

Same issue using Opera to browse.

My personal feeling is that it has to do with how the path for the
cookie is
being stored. My bet is that IIS is for some reason sending the default

web
server as the path and then when it comes time to read the cookie it

cannot
find it under the name it is looking for.

--Tony


Jul 19 '05 #11

This discussion thread is closed

Replies have been disabled for this discussion.