Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > ASP .Net > ASP .Net Security > Cookies in IE8

Reply
Thread Tools

Cookies in IE8

 
 
MCM
Guest
Posts: n/a
 
      09-14-2009
I have a web app that uses a persistent cookie to store login info. It was
working perfectly in IE7 and still works in all other browsers, but no longer
works IE8. What are the new rules for cookies in IE8 so I can adjust it?
 
Reply With Quote
 
 
 
 
Vince Xu [MSFT]
Guest
Posts: n/a
 
      09-15-2009
Hello,

In IE8, the security bar is promoted. We have to set the domain name in
cookie.
In IE7 and previous version, you can ignore the domain setting. But in IE8,
we need to specific the domain in cookie. So please append the domain
information in each cookie body.

ps:
If you used IE8 beta version, please update it.



Sincerely,

Vince Xu

Microsoft Online Support


==================================================
Get notification to my posts through email? Please refer to
http://msdn.microsoft.com/en-us/subs...#notifications.

MSDN Managed Newsgroup support offering is for non-urgent issues where an
initial response from the community or a Microsoft Support Engineer within
2 business day is acceptable. Please note that each follow up response may
take approximately 2 business days as the support professional working with
you may need further investigation to reach the most efficient resolution.
The offering is not appropriate for situations that require urgent,
real-time or phone-based interactions. Issues of this nature are best
handled working with a dedicated Microsoft Support Engineer by contacting
Microsoft Customer Support Services (CSS) at
http://msdn.microsoft.com/en-us/subs.../aa948874.aspx
==================================================


 
Reply With Quote
 
 
 
 
MCM
Guest
Posts: n/a
 
      09-15-2009
I think I got it worked out here. Something else in my code may have been
causing an issue. But can you confirm these settings for me:


<authentication mode="Forms">
<forms name=".COMPANYASPXAUTH"
domain="company.com"
cookieless="UseCookies"
timeout="43200"
defaultUrl="Home.aspx"
loginUrl="Login.aspx" />
</authentication>



"Vince Xu [MSFT]" wrote:

> Hello,
>
> In IE8, the security bar is promoted. We have to set the domain name in
> cookie.
> In IE7 and previous version, you can ignore the domain setting. But in IE8,
> we need to specific the domain in cookie. So please append the domain
> information in each cookie body.
>
> ps:
> If you used IE8 beta version, please update it.
>
>
>
> Sincerely,
>
> Vince Xu
>
> Microsoft Online Support
>
>
> ==================================================
> Get notification to my posts through email? Please refer to
> http://msdn.microsoft.com/en-us/subs...#notifications.
>
> MSDN Managed Newsgroup support offering is for non-urgent issues where an
> initial response from the community or a Microsoft Support Engineer within
> 2 business day is acceptable. Please note that each follow up response may
> take approximately 2 business days as the support professional working with
> you may need further investigation to reach the most efficient resolution.
> The offering is not appropriate for situations that require urgent,
> real-time or phone-based interactions. Issues of this nature are best
> handled working with a dedicated Microsoft Support Engineer by contacting
> Microsoft Customer Support Services (CSS) at
> http://msdn.microsoft.com/en-us/subs.../aa948874.aspx
> ==================================================
>
>
>

 
Reply With Quote
 
Vince Xu [MSFT]
Guest
Posts: n/a
 
      09-17-2009
Hello,

I think it's fine. Could you please post your code to operate cookie if it
work either?

--
Regards,
Vince
Microsoft Online Support

--------------------
| Thread-Topic: Cookies in IE8
| thread-index: Aco2I3NEmMZI6VH3RZ+FBNiT+ozvXw==
| X-WBNR-Posting-Host: 216.80.121.82
| From: =?Utf-8?B?TUNN?= <(E-Mail Removed)>
| References: <(E-Mail Removed)>
<(E-Mail Removed)>
| Subject: RE: Cookies in IE8
| Date: Tue, 15 Sep 2009 09:42:01 -0700
| Lines: 55
| Message-ID: <(E-Mail Removed)>
| MIME-Version: 1.0
| Content-Type: text/plain;
| charset="Utf-8"
| Content-Transfer-Encoding: 7bit
| X-Newsreader: Microsoft CDO for Windows 2000
| Content-Class: urn:content-classes:message
| Importance: normal
| Priority: normal
| X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.4325
| Newsgroups: microsoft.public.dotnet.framework.aspnet.security
| Path: TK2MSFTNGHUB02.phx.gbl
| Xref: TK2MSFTNGHUB02.phx.gbl
microsoft.public.dotnet.framework.aspnet.security: 3141
| NNTP-Posting-Host: tk2msftibfm01.phx.gbl 10.40.244.149
| X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet.security
|
| I think I got it worked out here. Something else in my code may have been
| causing an issue. But can you confirm these settings for me:
|
|
| <authentication mode="Forms">
| <forms name=".COMPANYASPXAUTH"
| domain="company.com"
| cookieless="UseCookies"
| timeout="43200"
| defaultUrl="Home.aspx"
| loginUrl="Login.aspx" />
| </authentication>
|
|
|
| "Vince Xu [MSFT]" wrote:
|
| > Hello,
| >
| > In IE8, the security bar is promoted. We have to set the domain name in
| > cookie.
| > In IE7 and previous version, you can ignore the domain setting. But in
IE8,
| > we need to specific the domain in cookie. So please append the domain
| > information in each cookie body.
| >
| > ps:
| > If you used IE8 beta version, please update it.
| >
| >
| >
| > Sincerely,
| >
| > Vince Xu
| >
| > Microsoft Online Support
| >
| >
| > ==================================================
| > Get notification to my posts through email? Please refer to
| >
http://msdn.microsoft.com/en-us/subs...#notifications.
| >
| > MSDN Managed Newsgroup support offering is for non-urgent issues where
an
| > initial response from the community or a Microsoft Support Engineer
within
| > 2 business day is acceptable. Please note that each follow up response
may
| > take approximately 2 business days as the support professional working
with
| > you may need further investigation to reach the most efficient
resolution.
| > The offering is not appropriate for situations that require urgent,
| > real-time or phone-based interactions. Issues of this nature are best
| > handled working with a dedicated Microsoft Support Engineer by
contacting
| > Microsoft Customer Support Services (CSS) at
| > http://msdn.microsoft.com/en-us/subs.../aa948874.aspx
| > ==================================================
| >
| >
| >
|

 
Reply With Quote
 
MCM
Guest
Posts: n/a
 
      09-17-2009
Can I e-mail it to you instead?

"Vince Xu [MSFT]" wrote:

> Hello,
>
> I think it's fine. Could you please post your code to operate cookie if it
> work either?
>
> --
> Regards,
> Vince
> Microsoft Online Support
>
> --------------------
> | Thread-Topic: Cookies in IE8
> | thread-index: Aco2I3NEmMZI6VH3RZ+FBNiT+ozvXw==
> | X-WBNR-Posting-Host: 216.80.121.82
> | From: =?Utf-8?B?TUNN?= <(E-Mail Removed)>
> | References: <(E-Mail Removed)>
> <(E-Mail Removed)>
> | Subject: RE: Cookies in IE8
> | Date: Tue, 15 Sep 2009 09:42:01 -0700
> | Lines: 55
> | Message-ID: <(E-Mail Removed)>
> | MIME-Version: 1.0
> | Content-Type: text/plain;
> | charset="Utf-8"
> | Content-Transfer-Encoding: 7bit
> | X-Newsreader: Microsoft CDO for Windows 2000
> | Content-Class: urn:content-classes:message
> | Importance: normal
> | Priority: normal
> | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.4325
> | Newsgroups: microsoft.public.dotnet.framework.aspnet.security
> | Path: TK2MSFTNGHUB02.phx.gbl
> | Xref: TK2MSFTNGHUB02.phx.gbl
> microsoft.public.dotnet.framework.aspnet.security: 3141
> | NNTP-Posting-Host: tk2msftibfm01.phx.gbl 10.40.244.149
> | X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet.security
> |
> | I think I got it worked out here. Something else in my code may have been
> | causing an issue. But can you confirm these settings for me:
> |
> |
> | <authentication mode="Forms">
> | <forms name=".COMPANYASPXAUTH"
> | domain="company.com"
> | cookieless="UseCookies"
> | timeout="43200"
> | defaultUrl="Home.aspx"
> | loginUrl="Login.aspx" />
> | </authentication>
> |
> |
> |
> | "Vince Xu [MSFT]" wrote:
> |
> | > Hello,
> | >
> | > In IE8, the security bar is promoted. We have to set the domain name in
> | > cookie.
> | > In IE7 and previous version, you can ignore the domain setting. But in
> IE8,
> | > we need to specific the domain in cookie. So please append the domain
> | > information in each cookie body.
> | >
> | > ps:
> | > If you used IE8 beta version, please update it.
> | >
> | >
> | >
> | > Sincerely,
> | >
> | > Vince Xu
> | >
> | > Microsoft Online Support
> | >
> | >
> | > ==================================================
> | > Get notification to my posts through email? Please refer to
> | >
> http://msdn.microsoft.com/en-us/subs...#notifications.
> | >
> | > MSDN Managed Newsgroup support offering is for non-urgent issues where
> an
> | > initial response from the community or a Microsoft Support Engineer
> within
> | > 2 business day is acceptable. Please note that each follow up response
> may
> | > take approximately 2 business days as the support professional working
> with
> | > you may need further investigation to reach the most efficient
> resolution.
> | > The offering is not appropriate for situations that require urgent,
> | > real-time or phone-based interactions. Issues of this nature are best
> | > handled working with a dedicated Microsoft Support Engineer by
> contacting
> | > Microsoft Customer Support Services (CSS) at
> | > http://msdn.microsoft.com/en-us/subs.../aa948874.aspx
> | > ==================================================
> | >
> | >
> | >
> |
>
>

 
Reply With Quote
 
Vince Xu [MSFT]
Guest
Posts: n/a
 
      09-18-2009
Sure, my email address is http://www.velocityreviews.com/forums/(E-Mail Removed)

Regards,
Vince
Microsoft Online Support

 
Reply With Quote
 
MCM
Guest
Posts: n/a
 
      09-18-2009
I e-mail you the code to look at.

The problem is still occuring. It is weird. I can't reproduce it
intentionally. At varying times, the cookie just goes away.


"Vince Xu [MSFT]" wrote:

> Sure, my email address is (E-Mail Removed)
>
> Regards,
> Vince
> Microsoft Online Support
>
>

 
Reply With Quote
 
Vince Xu [MSFT]
Guest
Posts: n/a
 
      09-21-2009
Hello,

Your config is correct. I tried your code sent to me, but I can't reproduct
this issue in my site.
What OS you used? Maybe some plugin generates the conflict with IE8 to
store cookie.
You can access it in another computer with IE8 to see if you encounter the
same issue.

--
Regards,
Vince,
Microsoft Online Support

--------------------
| I e-mail you the code to look at.
|
| The problem is still occuring. It is weird. I can't reproduce it
| intentionally. At varying times, the cookie just goes away.
|
|
| "Vince Xu [MSFT]" wrote:
|
| > Sure, my email address is (E-Mail Removed)
| >
| > Regards,
| > Vince
| > Microsoft Online Support
| >
| >
|

 
Reply With Quote
 
MCM
Guest
Posts: n/a
 
      09-21-2009
Windows 7.

Also, this is not an easily reproducible issue. I can't figure out when the
cookie disappears. It *seems* random.


"Vince Xu [MSFT]" wrote:

> Hello,
>
> Your config is correct. I tried your code sent to me, but I can't reproduct
> this issue in my site.
> What OS you used? Maybe some plugin generates the conflict with IE8 to
> store cookie.
> You can access it in another computer with IE8 to see if you encounter the
> same issue.
>
> --
> Regards,
> Vince,
> Microsoft Online Support
>
> --------------------
> | I e-mail you the code to look at.
> |
> | The problem is still occuring. It is weird. I can't reproduce it
> | intentionally. At varying times, the cookie just goes away.
> |
> |
> | "Vince Xu [MSFT]" wrote:
> |
> | > Sure, my email address is (E-Mail Removed)
> | >
> | > Regards,
> | > Vince
> | > Microsoft Online Support
> | >
> | >
> |
>
>

 
Reply With Quote
 
Vince Xu [MSFT]
Guest
Posts: n/a
 
      09-22-2009
Hello,

Could you please use another machine with IE8(but not win7) to try that? I
guess it's the problem of IE8 in Win7.

If my guess is correct, please do the following steps on IE8:

Internet option -> Security -> Custom Level -> Include local directory path
when uploading files to a server -> enable
Internet option -> Privacy -> Advenced -> enable "Override automatic cookie
handling"

It's not for development. But you can try if it is recovered after we make
sure it's the problem of IE8 in Win7.

--
Regards,
Vince
Microsoft Online Support

 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
ie8!=ie8 cecile Javascript 2 05-24-2010 09:04 AM
Re: Advantages of IE8/64 over IE8/32 PA Bear [MS MVP] Windows 64bit 0 08-17-2009 09:43 PM
Give Request.Cookies and Response.Cookies is there any reason to use another method to use cookies? _Who ASP .Net 7 09-18-2008 07:49 PM
Response.Cookies vs Request.Cookies Alex Nitulescu ASP .Net 1 02-03-2005 09:43 AM
Persistent Cookies vs. session cookies Andy Fish Java 3 11-06-2003 10:44 AM



Advertisments