473,322 Members | 1,620 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,322 software developers and data experts.

Cookies And AJAX

Hi.

I am having a hard time figuring this one out...

I have a sign in page. in my sign in logic, the successful
login uses forms authentication and assigns an HttpCookie
for the site-wide "user id" (ie. "Welcome BillG ! ").

when the user clicks on "signout" from any given page,
an XMLHttp call queries a server script (VB.NET) which
1) signs out the user if he is authenticated and
2) expires the cookie (DateTime.Now.AddYears(-1) ) for "user id".

my problem is that when the request is returned to the
client, it seems to have no effect on the status of the cookie. It
still reads "user id = BillG" when i do javascript:document.cookie.

Is it possible that my server code:

Response.Cookies.Add(cookie)

got complicated with the AJAX call? How do I "immediately" destroy the
cookie so the user is both unauthenticated AND his
user id is removed.

I hope I have explained myself clearly. Thanks for your replies.

Peter

Jun 20 '07 #1
5 22539
pbd22 wrote:
when the user clicks on "signout" from any given page,
an XMLHttp call queries a server script (VB.NET) which
1) signs out the user if he is authenticated and
2) expires the cookie (DateTime.Now.AddYears(-1) ) for "user id".

How do I "immediately" destroy the
cookie so the user is both unauthenticated AND his
user id is removed.
Use javascript to delete cookie immediately:
document.cookie="NAME=;expires="+(new Date(99999).toGMTString())

Jun 20 '07 #2
On Jun 20, 6:12 pm, "scripts.contact" <scripts.cont...@gmail.com>
wrote:
pbd22 wrote:
when the user clicks on "signout" from any given page,
an XMLHttp call queries a server script (VB.NET) which
1) signs out the user if he is authenticated and
2) expires the cookie (DateTime.Now.AddYears(-1) ) for "user id".
How do I "immediately" destroy the
cookie so the user is both unauthenticated AND his
user id is removed.

Use javascript to delete cookie immediately:
document.cookie="NAME=;expires="+(new Date(99999).toGMTString())
You need to understand what "cookie" is to resolve this. A cookie is
simply a line of text in the http-response. If you get that text in an
ajax response (a response to the ajax request) than that won't affect
the cookies on the client's system. To my knowledge, only if you
navigate to a page that contains cookie definitions will affect the
client's cookies, not the ones sent in the ajax response. So, the
trouble is you would either need to parse the ajax response, or think
of something else. Like scripts.contact said, the easiest way to do
this is to ignore the response from the server in that case, and set
the cookie manually in the same javascript chunk of code.

Jun 20 '07 #3
On Jun 20, 9:22 am, Darko <darko.maksimo...@gmail.comwrote:
On Jun 20, 6:12 pm, "scripts.contact" <scripts.cont...@gmail.com>
wrote:
pbd22 wrote:
when the user clicks on "signout" from any given page,
an XMLHttp call queries a server script (VB.NET) which
1) signs out the user if he is authenticated and
2) expires the cookie (DateTime.Now.AddYears(-1) ) for "user id".
How do I "immediately" destroy the
cookie so the user is both unauthenticated AND his
user id is removed.
Use javascript to delete cookie immediately:
document.cookie="NAME=;expires="+(new Date(99999).toGMTString())

You need to understand what "cookie" is to resolve this. A cookie is
simply a line of text in the http-response. If you get that text in an
ajax response (a response to the ajax request) than that won't affect
the cookies on the client's system. To my knowledge, only if you
navigate to a page that contains cookie definitions will affect the
client's cookies, not the ones sent in the ajax response. So, the
trouble is you would either need to parse the ajax response, or think
of something else. Like scripts.contact said, the easiest way to do
this is to ignore the response from the server in that case, and set
the cookie manually in the same javascript chunk of code.

Hi.

Thanks for your replies.
Client Side Cookies seem to be the answer but I can't seem to
get rid of the "loged-in" cookie. The current result is two
cookies with the same key: user id = BillG and user id = guest

I am using the below functions on sign-out:

function del_cookie(name) {
document.cookie = name +'=; expires=Thu, 01-Jan-70 00:00:01
GMT;';
}

function write_cookie (name, value, path)
{
// Build the expiration date string:
var expiration_date = new Date ();
expiration_date.setYear (expiration_date.getYear () + 1);
expiration_date = expiration_date.toGMTString ();

// Build the set-cookie string:
var cookie_string = escape (name) + "=" + escape (value) + ";
expires=" + expiration_date;
if (path != null)
cookie_string += "; path=" + path;

// Create/update the cookie:
document.cookie = cookie_string;
}

called as such:

del_cookie("user id");
write_cookie("user id", "guest", "/");

THIS DOESNT WORK :(

Jun 20 '07 #4
On Jun 20, 1:14 pm, pbd22 <dush...@gmail.comwrote:
On Jun 20, 9:22 am, Darko <darko.maksimo...@gmail.comwrote:
On Jun 20, 6:12 pm, "scripts.contact" <scripts.cont...@gmail.com>
wrote:
pbd22 wrote:
when the user clicks on "signout" from any given page,
an XMLHttp call queries a server script (VB.NET) which
1) signs out the user if he is authenticated and
2) expires the cookie (DateTime.Now.AddYears(-1) ) for "user id".
How do I "immediately" destroy the
cookie so the user is both unauthenticated AND his
user id is removed.
Use javascript to delete cookie immediately:
document.cookie="NAME=;expires="+(new Date(99999).toGMTString())
You need to understand what "cookie" is to resolve this. A cookie is
simply a line of text in the http-response. If you get that text in an
ajax response (a response to the ajax request) than that won't affect
the cookies on the client's system. To my knowledge, only if you
navigate to a page that contains cookie definitions will affect the
client's cookies, not the ones sent in the ajax response. So, the
trouble is you would either need to parse the ajax response, or think
of something else. Like scripts.contact said, the easiest way to do
this is to ignore the response from the server in that case, and set
the cookie manually in the same javascript chunk of code.

Hi.

Thanks for your replies.
Client Side Cookies seem to be the answer but I can't seem to
get rid of the "loged-in" cookie. The current result is two
cookies with the same key: user id = BillG and user id = guest

I am using the below functions on sign-out:

function del_cookie(name) {
document.cookie = name +'=; expires=Thu, 01-Jan-70 00:00:01
GMT;';
}

function write_cookie (name, value, path)
{
// Build the expiration date string:
var expiration_date = new Date ();
expiration_date.setYear (expiration_date.getYear () + 1);
expiration_date = expiration_date.toGMTString ();

// Build the set-cookie string:
var cookie_string = escape (name) + "=" + escape (value) + ";
expires=" + expiration_date;
if (path != null)
cookie_string += "; path=" + path;

// Create/update the cookie:
document.cookie = cookie_string;
}

called as such:

del_cookie("user id");
write_cookie("user id", "guest", "/");

THIS DOESNT WORK :(
Hi. I found the Answer. It is cut and paste below:
FIXED!

It seems that the cookie string used in JavaScript to delete it must
match
EXACTLY the cookie string sent by ASP.NET to save it:

as ASP.NET sends:
login=myloginvalue; expires=gmtdate; path=/

You have to write the following JavaScript to delete the cookie:

var expires = new Date();
expires.setUTCFullYear(expires.getUTCFullYear() - 1);
document.cookie = 'login=; expires=' + expires.toUTCString() + ';
path=/';

It works both on IE and Mozilla!

Henri

Jun 20 '07 #5
In comp.lang.javascript message <11********************@x35g2000prf.goog
legroups.com>, Wed, 20 Jun 2007 09:12:18, scripts.contact
<sc*************@gmail.composted:
>
Use javascript to delete cookie immediately:
document.cookie="NAME=;expires="+(new Date(99999).toGMTString())
Why 99999 rather than 0 ? But
document.cookie="NAME=;expires=Thu, 1 Jan 1970 00:01:39 UTC"

is shorter.

Probably, one does not need the "Thu, ", the " UTC", and maybe not even
the " hh:mm:ss".

--
(c) John Stockton, Surrey, UK. ?@merlyn.demon.co.uk Turnpike v6.05 IE 6.
Web <URL:http://www.merlyn.demon.co.uk/- w. FAQish topics, links, acronyms
PAS EXE etc : <URL:http://www.merlyn.demon.co.uk/programs/- see 00index.htm
Dates - miscdate.htm moredate.htm js-dates.htm pas-time.htm critdate.htm etc.
Jun 21 '07 #6

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

4
by: Brian Burgess | last post by:
Hi all, Anyone know of any special issues with storing cookies with ASP? I'm trying this with two browsers: One is IE 6.0 with cookies set to 'prompt'. This has been working properly as any...
4
by: serge calderara | last post by:
Dear all, I try to make some test on how to use basic cookie but get some trouble in the sens that I was not able to read back previous cretaed cookies. In page_load event I have the following...
13
by: yawnmoth | last post by:
Say I wrote an ajax script to send out HTTP requests via ajax. Any cookies that I have associated with that site will be sent along with this HTTP request. Is there a way to prevent this from...
4
by: Mr. SweatyFinger | last post by:
OK I don't understand ajax, but my page makes a quick ajax call to another page and returns the results. that works ok. That other page is supposed to set a cookie. That doesn't seem to work....
9
by: dougloj | last post by:
Hi. I have an ASP.NET application written in C#. In part of my application, I want to use JavaScript OnClick event function to update a textbox with a string generated asynchronously on the...
1
by: tomb | last post by:
I am setting a cookie in my php code. In one portion of the page, a user click will activate AJAX and the form will be posted to a php script for a dynamic update. Will that php script have...
2
by: John Grandy | last post by:
Is anyone finding that cookies added to the Response.Cookies collection within pages which contain an UpdatePanel do not exist in the Request.Cookies collection when the page is posted back ? ...
10
by: _Who | last post by:
Given Request.Cookies and Response.Cookies in asp.net is there any reason to ever use javascript or any other method to use cookies? Thanks
0
by: DolphinDB | last post by:
Tired of spending countless mintues downsampling your data? Look no further! In this article, you’ll learn how to efficiently downsample 6.48 billion high-frequency records to 61 million...
0
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
1
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
0
by: jfyes | last post by:
As a hardware engineer, after seeing that CEIWEI recently released a new tool for Modbus RTU Over TCP/UDP filtering and monitoring, I actively went to its official website to take a look. It turned...
0
by: ArrayDB | last post by:
The error message I've encountered is; ERROR:root:Error generating model response: exception: access violation writing 0x0000000000005140, which seems to be indicative of an access violation...
1
by: Defcon1945 | last post by:
I'm trying to learn Python using Pycharm but import shutil doesn't work
1
by: Shællîpôpï 09 | last post by:
If u are using a keypad phone, how do u turn on JavaScript, to access features like WhatsApp, Facebook, Instagram....
0
by: af34tf | last post by:
Hi Guys, I have a domain whose name is BytesLimited.com, and I want to sell it. Does anyone know about platforms that allow me to list my domain in auction for free. Thank you
0
by: Faith0G | last post by:
I am starting a new it consulting business and it's been a while since I setup a new website. Is wordpress still the best web based software for hosting a 5 page website? The webpages will be...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.