469,304 Members | 2,192 Online
Bytes | Developer Community
New Post

Home Posts Topics Members FAQ

Post your question to a community of 469,304 developers. It's quick & easy.

Cookie eater... Problem with IE6 & ASP.

I have a development website running on Win2K Server, using ASP 3.0. I'm
using IE6 (all updates added).

I have a cookie that is set on a login page, which is an Encrypted password:
Response.Cookies("PWORD")=EncryptedPassword

I then redirect to a page:

Response.Redirect(GotoPage)

and on the page that is redirected, i look at the cookie:

Response.Write(Request.Cookies("PWORD"))

the problem is, when I do the request.cookies, it is NOT encrypted. The only
code that ever sets this cookie is the one line that I showed above, and one
line to set it to "" when the user hits the Logout button.

why is my cookie showing up unencrypted? and how do I fixe this? it seems to
be specific to my machine... but it just started happening last friday - and
i did not update anything, when this started happening. ... i was just
looking at pages on the site.
Jul 19 '05 #1
4 1956
More Info:

When I do this:
Response.Write(Request.Servervariables("HTTP_COOKI E"))
the results show my cookie in the proper encrypted form.

"Derick Bailey" <db*****@airsysco.com> wrote in message
news:u7**************@TK2MSFTNGP11.phx.gbl...
I have a development website running on Win2K Server, using ASP 3.0. I'm
using IE6 (all updates added).

I have a cookie that is set on a login page, which is an Encrypted password: Response.Cookies("PWORD")=EncryptedPassword

I then redirect to a page:

Response.Redirect(GotoPage)

and on the page that is redirected, i look at the cookie:

Response.Write(Request.Cookies("PWORD"))

the problem is, when I do the request.cookies, it is NOT encrypted. The only code that ever sets this cookie is the one line that I showed above, and one line to set it to "" when the user hits the Logout button.

why is my cookie showing up unencrypted? and how do I fixe this? it seems to be specific to my machine... but it just started happening last friday - and i did not update anything, when this started happening. ... i was just
looking at pages on the site.

Jul 19 '05 #2
Hi Derick,

Is it possible for EncryptedPassword to return raw string without
Encryption? For example, there are some logical problem in the function? Is
there any some else code in your project which may change the cookie?
Additionally, if you clear the client cookie in IE and browse to the web
site again, will this fix the problem?

Luke
Microsoft Online Support

Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)

Jul 19 '05 #3
there is no logic used when reading the cookie, just
Request.Cookies("PWORD")

deleting the cookie from my hard drive fixed it.

thanks.

"MSFT" <lu******@online.microsoft.com> wrote in message
news:0Z**************@cpmsftngxa07.phx.gbl...
Hi Derick,

Is it possible for EncryptedPassword to return raw string without
Encryption? For example, there are some logical problem in the function? Is there any some else code in your project which may change the cookie?
Additionally, if you clear the client cookie in IE and browse to the web
site again, will this fix the problem?

Luke
Microsoft Online Support

Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)

Jul 19 '05 #4
I suspect "response.cookies("PWORD")" was written directly in your code
without Encryption. So the client cookie save on client disk without
Encryption. You may check your code to see if it is posible.

Luke
Microsoft Online Support

Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)

Jul 19 '05 #5

This discussion thread is closed

Replies have been disabled for this discussion.

Similar topics

5 posts views Thread by Fred | last post: by
5 posts views Thread by brettr | last post: by
17 posts views Thread by Bruno | last post: by
1 post views Thread by Jan Danielsson | last post: by
1 post views Thread by Hans | last post: by
1 post views Thread by CARIGAR | last post: by
reply views Thread by zhoujie | last post: by
reply views Thread by suresh191 | last post: by
reply views Thread by harlem98 | last post: by
By using this site, you agree to our Privacy Policy and Terms of Use.