472,968 Members | 1,671 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 472,968 software developers and data experts.

Cookie Problem in Vb.Net

I am writing the Following coding for preventing Session Fixation
attack in ASP.Net website, but I could not retrieve the cookie added and the
value of

cookie_value remains blank.


Imports System.Web.UI.WebControls
Imports System.Web.HttpResponse
Imports System.Security.Cryptography
Public Class AntiFixation
Inherits System.Web.UI.Page
#Region " Web Form Designer Generated Code "

'This call is required by the Web Form Designer.
<System.Diagnostics.DebuggerStepThrough()Private Sub

End Sub
Protected WithEvents TextBox1 As System.Web.UI.WebControls.TextBox

'NOTE: The following placeholder declaration is required by the Web Form
'Do not delete or move it.
Private designerPlaceholderDeclaration As System.Object

Private Sub Page_Init(ByVal sender As System.Object, ByVal e As
System.EventArgs) Handles MyBase.Init
'CODEGEN: This method call is required by the Web Form Designer
'Do not modify it using the code editor.
End Sub

#End Region

Private Sub Page_Load(ByVal sender As System.Object, ByVal e As
System.EventArgs) Handles MyBase.Load
'Put user code to initialize the page here
End Sub
Private Function RandomString(ByVal l)
Dim value, i, r
For i = 0 To l
r = Int(Rnd * 62)
If r < 10 Then
r = r + 48
ElseIf r < 36 Then
r = (r - 10) + 65
r = (r - 10 - 26) + 97
End If
value = value & Chr(r)
RandomString = value
End Function

' This routine should be called after the user has been authenticated.
' It is expected that the session has been invalidated prior to this call.
Public Sub AntiFixationInit()

Dim value
value = RandomString(10)

Dim cookie1 As HttpCookie
cookie1 = New HttpCookie("CLoginSessionID", value)

cookie1.Path = "http://demotemp259.nic.in/"

cookie1.Value = value


Session("LoginSessionID") = value

End Sub

Public Sub AntiFixationVerify(ByVal LoginPage)
Dim session_value
Dim cookie_value as HttpCookie

If (Not (cookie_value Is Nothing)) Then
cookie_value =
HttpContext.Current.Request.Cookies("CLoginSession ID")
Session("cooki") = cookie_value.values
Dim val
If (Not (cookie_value Is Nothing)) Then
val = cookie_value
End If

End If
session_value = Session("LoginSessionID")

If (Not (HttpContext.Current.Request.Cookies("CLoginSessio nID") Is
Nothing)) Then

If Trim(cookie_value) <Trim(session_value) Then
End If

End If
End Sub
End Class
Please help me , how to get the value of cookie - cookie_value

Thank you
Nov 19 '07 #1
0 1060

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

by: Shannon Jacobs | last post by:
I'm doing some trivial surveys, and I want to know if the same user answers twice. Can't really know that, but at least I thought I could check for the same browser/computer combination by using a...
by: chrism | last post by:
Hello, I have a pop-up window that I would like to appear in front of the browser home page when a user opens IE. Problem is, I'd like it to never appear again if the user navigates back to the...
by: brettr | last post by:
When I reference document.cookie, there is a long string of key=value; pairs listed. I may have 100 hundred cookies on my hard drive. However, most only have one key=value pair. Does the...
by: socialism001 | last post by:
I'm trying to store a value in a cookie but its not working. Can anyone see what I might be doing wrong. Thanks, Chris ~~~~~~~~~~~~~~~~~~ <script language="javascript">...
by: Marco Krechting | last post by:
Hi All, I have a page with a list of hyperlinks. I want to save information in a cookie about the fact that I entered an hyperlink or not. When I click one of the hyperlinks I want this stored...
by: Wysiwyg | last post by:
After a server created cookie is processed on the client I want it removed, cleared, or expired in the javascript block but have been unable to do this. If I set a cookie value in the server code...
by: CR1 | last post by:
I found a great cookie script below, but don't know how to make it also pass the values sent to the cookie, to a querystring as well for tracking purposes. Can anyone help? If there was a way to...
by: kelvlam | last post by:
Hello all, I'm still a bit new with JavaScript, and I hope the guru here can shed some light for me. It's regarding handling cookie and the case-sensitive nature of JavaScript itself. My...
by: kelly.pearson | last post by:
Is this a bug? I am trying to write a cookie that can be accessed by various .Net applications on our domain. However, whenever I add the domain property to the cookie, no errors get thrown but...
by: cbhoem | last post by:
Hi - I am trying my hand at python cookies. I'm confused about a few things though. Do the python cookies get written to a cookies text file? I have simple code below -- I see the cookie in...
by: DJRhino | last post by:
Was curious if anyone else was having this same issue or not.... I was just Up/Down graded to windows 11 and now my access combo boxes are not acting right. With win 10 I could start typing...
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 4 Oct 2023 starting at 18:00 UK time (6PM UTC+1) and finishing at about 19:15 (7.15PM) The start time is equivalent to 19:00 (7PM) in Central...
by: tracyyun | last post by:
Hello everyone, I have a question and would like some advice on network connectivity. I have one computer connected to my router via WiFi, but I have two other computers that I want to be able to...
by: giovanniandrean | last post by:
The energy model is structured as follows and uses excel sheets to give input data: 1-Utility.py contains all the functions needed to calculate the variables and other minor things (mentions...
by: NeoPa | last post by:
Hello everyone. I find myself stuck trying to find the VBA way to get Access to create a PDF of the currently-selected (and open) object (Form or Report). I know it can be done by selecting :...
by: NeoPa | last post by:
Introduction For this article I'll be using a very simple database which has Form (clsForm) & Report (clsReport) classes that simply handle making the calling Form invisible until the Form, or all...
by: Teri B | last post by:
Hi, I have created a sub-form Roles. In my course form the user selects the roles assigned to the course. 0ne-to-many. One course many roles. Then I created a report based on the Course form and...
by: nia12 | last post by:
Hi there, I am very new to Access so apologies if any of this is obvious/not clear. I am creating a data collection tool for health care employees to complete. It consists of a number of...
by: NeoPa | last post by:
Introduction For this article I'll be focusing on the Report (clsReport) class. This simply handles making the calling Form invisible until all of the Reports opened by it have been closed, when it...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.