I have a development website running on Win2K Server, using ASP 3.0. I'm
using IE6 (all updates added).
I have a cookie that is set on a login page, which is an Encrypted password:
Response.Cookies("PWORD")=EncryptedPassword
I then redirect to a page:
Response.Redirect(GotoPage)
and on the page that is redirected, i look at the cookie:
Response.Write(Request.Cookies("PWORD"))
the problem is, when I do the request.cookies, it is NOT encrypted. The only
code that ever sets this cookie is the one line that I showed above, and one
line to set it to "" when the user hits the Logout button.
why is my cookie showing up unencrypted? and how do I fixe this? it seems to
be specific to my machine... but it just started happening last friday - and
i did not update anything, when this started happening. ... i was just
looking at pages on the site.
4  2047 
More Info:
When I do this:
Response.Write(Request.Servervariables("HTTP_COOKI E"))
the results show my cookie in the proper encrypted form.
"Derick Bailey" <db*****@airsysco.com> wrote in message
news:u7**************@TK2MSFTNGP11.phx.gbl... I have a development website running on Win2K Server, using ASP 3.0. I'm
using IE6 (all updates added).
I have a cookie that is set on a login page, which is an Encrypted
password: Response.Cookies("PWORD")=EncryptedPassword
I then redirect to a page:
Response.Redirect(GotoPage)
and on the page that is redirected, i look at the cookie:
Response.Write(Request.Cookies("PWORD"))
the problem is, when I do the request.cookies, it is NOT encrypted. The
only code that ever sets this cookie is the one line that I showed above, and
one line to set it to "" when the user hits the Logout button.
why is my cookie showing up unencrypted? and how do I fixe this? it seems
to be specific to my machine... but it just started happening last friday -
and i did not update anything, when this started happening. ... i was just
looking at pages on the site.
Hi Derick,
Is it possible for EncryptedPassword to return raw string without
Encryption? For example, there are some logical problem in the function? Is
there any some else code in your project which may change the cookie?
Additionally, if you clear the client cookie in IE and browse to the web
site again, will this fix the problem?
Luke
Microsoft Online Support
Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)
there is no logic used when reading the cookie, just
Request.Cookies("PWORD")
deleting the cookie from my hard drive fixed it.
thanks.
"MSFT" <lu******@online.microsoft.com> wrote in message
news:0Z**************@cpmsftngxa07.phx.gbl... Hi Derick,
Is it possible for EncryptedPassword to return raw string without
Encryption? For example, there are some logical problem in the function?
Is there any some else code in your project which may change the cookie?
Additionally, if you clear the client cookie in IE and browse to the web
site again, will this fix the problem?
Luke
Microsoft Online Support
Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)
I suspect "response.cookies("PWORD")" was written directly in your code
without Encryption. So the client cookie save on client disk without
Encryption. You may check your code to see if it is posible.
Luke
Microsoft Online Support
Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.) This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics
by: Fred |
last post by:
I've check all the info I can find on cookies and I have gotten some
idea of how to set a cookie, set the expiration, and get the cookie
value.
But I need help bringing it all together to...
|
by: brettr |
last post by:
When I reference document.cookie, there is a long string of key=value;
pairs listed. I may have 100 hundred cookies on my hard drive.
However, most only have one key=value pair. Does the...
|
by: Wysiwyg |
last post by:
After a server created cookie is processed on the client I want it removed,
cleared, or expired in the javascript block but have been unable to do this.
If I set a cookie value in the server code...
|
by: Marty |
last post by:
Something strange is happening on my web site since my hosting provider
upgraded to Server 2003 a few weeks ago.
I use forms authentication in my asp.net application, with essentially
the...
|
by: Bruno |
last post by:
I have a feature that is hosted on a different domain from the primary one
in a frame, and need to retain values in a cookie.
example: A web page at one.com contains a frame which has a page...
|
by: dba123 |
last post by:
I need to "tie together the cookie with the domain" by referencing the
information from my web.config below in my login's codebhind. I don't
understand how. I need to also save that after...
|
by: TokyoJ |
last post by:
I use a popup / prompt requesting the visitor to enter a USERNAME so after the user clicks SUBMIT on the prompt all the pages in the site should greet the user with Hi, USERNAME.
But there are two...
|
by: Jan Danielsson |
last post by:
Hello all,
I'm sure I'm not using this right, but I don't understand what I'm
doing wrong. What I want is to get all the cookies from the request,
then extract the 'sessId' cookie. I'm using...
|
by: Hans |
last post by:
Hi!
I have a login page where I have three different ways to authenticate a
user.
1. Use integrated authentication and read the server variable AUTH_USER and
then verify if this is a valid...
|
by: Charles Arthur |
last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
|
by: BarryA |
last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
|
by: Hystou |
last post by:
There are some requirements for setting up RAID:
1. The motherboard and BIOS support RAID configuration.
2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
|
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers,...
|
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
|
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing,...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome a new...
| |
