VK wrote:
Control Freq wrote:
Well, I made some progress.
If I add the URL to the list of trusted sites in Tools|Internet Options
| Privacy (tab) | Sites then I can sort of get the cookies to be
remembered.
The cookie works while I am navigating pages on the site.
However, if I close IE and start a new session then the cookie is not
there!
Do you have proper rules set in your P3P file on the server? (If your
answer would be "and what is P3P?" then we've most probably jumped
right on the problem ;-).
Well, a compact privacy policy would help but it depends on the
security settings in IE. The default setting would block cookies, but I
have temporarily got around that by adding the URL to the list of
trusted sites.
However, in doing this I noticed that the URL I was using was
incorrect. This is due to the webhop DNS redirection I mentioned in the
OP. So, by using the hidden URL in the domain setting of the cookie I
can now get it all to work. I have also added a compact policy to the
headers so that I don't need to add the URL in the trusted sites list.
Unfortunately, this means that someone can view the page source and see
the underlying URL. I don't know if this is a security risk or not.
Thanks for the suggestions, and help. But, as I suspected, the problem
lay in the domain setting of the cookie all along, I just needed the
correct domain!
>
In relevance to JavaScript the cookie handling is as simple as
reading/setting document.cookie property and I don't see how it would
affect the issue (though it *may*). Otherwise a more relevant newsgroup
would be <comp.infosystems.www.servers.miscor something else more
HTTP data exchange specific. We may try to end it up here but in this
case an abstract problem description doesn't make the trick any more.
It has to be an URL (not a code sample, but an active URL)
demonstrating the actual problem.