468,249 Members | 1,492 Online
Bytes | Developer Community
New Post

Home Posts Topics Members FAQ

Post your question to a community of 468,249 developers. It's quick & easy.

Cookie Problem in Vb.Net

hello,
I am writing the Following coding for preventing Session Fixation
attack in ASP.Net website, but I could not retrieve the cookie added and the
value of

cookie_value remains blank.

----------------------------------------------------------

Imports System.Web.UI.WebControls
Imports System.Web.HttpResponse
Imports System.Security.Cryptography
Public Class AntiFixation
Inherits System.Web.UI.Page
#Region " Web Form Designer Generated Code "

'This call is required by the Web Form Designer.
<System.Diagnostics.DebuggerStepThrough()Private Sub
InitializeComponent()

End Sub
Protected WithEvents TextBox1 As System.Web.UI.WebControls.TextBox

'NOTE: The following placeholder declaration is required by the Web Form
Designer.
'Do not delete or move it.
Private designerPlaceholderDeclaration As System.Object

Private Sub Page_Init(ByVal sender As System.Object, ByVal e As
System.EventArgs) Handles MyBase.Init
'CODEGEN: This method call is required by the Web Form Designer
'Do not modify it using the code editor.
InitializeComponent()
End Sub

#End Region

Private Sub Page_Load(ByVal sender As System.Object, ByVal e As
System.EventArgs) Handles MyBase.Load
'Put user code to initialize the page here
End Sub
Private Function RandomString(ByVal l)
Dim value, i, r
Randomize()
For i = 0 To l
r = Int(Rnd * 62)
If r < 10 Then
r = r + 48
ElseIf r < 36 Then
r = (r - 10) + 65
Else
r = (r - 10 - 26) + 97
End If
value = value & Chr(r)
Next
RandomString = value
End Function

' This routine should be called after the user has been authenticated.
' It is expected that the session has been invalidated prior to this call.
Public Sub AntiFixationInit()

Dim value
value = RandomString(10)

Dim cookie1 As HttpCookie
cookie1 = New HttpCookie("CLoginSessionID", value)

cookie1.Path = "http://demotemp259.nic.in/"

cookie1.Value = value

HttpContext.Current.Response.Cookies.Add(cookie1)

Session("LoginSessionID") = value

End Sub

Public Sub AntiFixationVerify(ByVal LoginPage)
Dim session_value
Dim cookie_value as HttpCookie

If (Not (cookie_value Is Nothing)) Then
cookie_value =
HttpContext.Current.Request.Cookies("CLoginSession ID")
Session("cooki") = cookie_value.values
Dim val
If (Not (cookie_value Is Nothing)) Then
val = cookie_value
End If

End If
session_value = Session("LoginSessionID")

If (Not (HttpContext.Current.Request.Cookies("CLoginSessio nID") Is
Nothing)) Then

If Trim(cookie_value) <Trim(session_value) Then
HttpContext.Current.Response.Redirect(LoginPage)
End If

End If
End Sub
End Class
Please help me , how to get the value of cookie - cookie_value

Thank you
Nov 19 '07 #1
0 983

This discussion thread is closed

Replies have been disabled for this discussion.

Similar topics

5 posts views Thread by brettr | last post: by
4 posts views Thread by socialism001 | last post: by
9 posts views Thread by Marco Krechting | last post: by
6 posts views Thread by kelvlam | last post: by
2 posts views Thread by kelly.pearson | last post: by
5 posts views Thread by cbhoem | last post: by
reply views Thread by NPC403 | last post: by
By using this site, you agree to our Privacy Policy and Terms of Use.