5 Replies - 2872 Views - Last Post: 27 July 2012 - 09:29 AM

#1 Galaxy_Stranger  Icon User is offline

  • D.I.C Head

Reputation: 1
  • View blog
  • Posts: 100
  • Joined: 07-February 06

Cookie issue

Posted 20 July 2012 - 11:03 AM

Howdy ho

I'm working on an asp.net forms web app. I'm writing a cookie to see if the user has cookies enabled. Then, I tell IE and Firefox to ask me when to accept a cookie. I browse the web and I get asked about cookies.

Ok, so I start up my app in visual studio - locally. And IE9 just goes straight through the process and doesn't ask me about the cookie. I look at the file system and, sure enough, the cookie has been created and has my data in it. I delete the cookie and restart the app - as soon as I hit my page, the cookie has been written and filled with data.

Firefox acts the same way.

I've also put this app on a remote machine. When I browse to it, Firefox blocks the cookies successfully but IE9 acts exactly the same as when I host locally.

What should I do?

Is This A Good Question/Topic? 1
  • +

Replies To: Cookie issue

#2 jared.deckard  Icon User is offline

  • New D.I.C Head

Reputation: 18
  • View blog
  • Posts: 46
  • Joined: 11-July 12

Re: Cookie issue

Posted 20 July 2012 - 11:20 AM

Internet Options > Privacy > Advanced

Quote

You can choose how cookies are handled in the Internet zone. This overrides automatic cookie handling.


Is the remote computer you used on the same network as the server?
If so, it follows the rules for Local intranet, which does not have cookie configuration.

You may need to manually add your server to the Internet zone sites list.
Was This Post Helpful? 1
  • +
  • -

#3 Galaxy_Stranger  Icon User is offline

  • D.I.C Head

Reputation: 1
  • View blog
  • Posts: 100
  • Joined: 07-February 06

Re: Cookie issue

Posted 25 July 2012 - 09:01 AM

Thanks for the reply, Jared. I added my local web service to the "Internet" zone. That fixed it. Kind of. I have also set up a remote machine. This is just really strange.

I've set up a machine that accesses the web server from outside the network - as one would hitting the web site. I've blocked cookies. My code writes a cookie and then checks the value I've placed into it. If it can't get the value from the cookie, it's supposed to redirect the user and, (for testing purposes), it saves a string to a session variable so I know what the if statement has done and that value is grabbed by a label so I can read it.

So, when I authenticate with blocked cookies, something in .NET refuses to allow access to the system, yet my redirect doesn't work and the label says that cookies are not blocked - and at the same time I verify that no cookie has been written.

So, it looks like there is some .NET mechanism handling the situation.

I don't get what's going on. Do you know what it is?
Was This Post Helpful? 0
  • +
  • -

#4 jared.deckard  Icon User is offline

  • New D.I.C Head

Reputation: 18
  • View blog
  • Posts: 46
  • Joined: 11-July 12

Re: Cookie issue

Posted 25 July 2012 - 02:07 PM

Are you sure the redirect is not working?

One possibility:
Cookie fails, add session variable, redirect, session reset because of redirect, new page doesn't think the cookie failed because there is no session variable, label displays that cookie worked.

Another possibility:
You may not be testing that the cookie was created correctly. Try commenting out the line that creates the cookie to make sure it redirects and displays the fail message.

Post some code if that's not the problem.
Was This Post Helpful? 1
  • +
  • -

#5 Galaxy_Stranger  Icon User is offline

  • D.I.C Head

Reputation: 1
  • View blog
  • Posts: 100
  • Joined: 07-February 06

Re: Cookie issue

Posted 26 July 2012 - 08:25 AM

It looks like ASP.NET is using "Cookie Authentication", which I have not heard of before. I'm reading about this now, but it makes sense that this would preempt any logic on page load.

I will post my research.
Was This Post Helpful? 0
  • +
  • -

#6 Galaxy_Stranger  Icon User is offline

  • D.I.C Head

Reputation: 1
  • View blog
  • Posts: 100
  • Joined: 07-February 06

Re: Cookie issue

Posted 27 July 2012 - 09:29 AM

Ok, I'm going to give up on writing and reading cookie data - the application logic is not behaving according to whether or not I have set a cookie on the client's computer. But this is what's happening:

On both IE9 and Firefox 14, if I have blocked cookies the ASP.NET web application will not allow the user to authenticate. If I have allowed cookies, the web app allows access. Ok, so that solves the problem of anyone getting in without cookies enabled. But I don't have control over the behavior of the app.

If you have cookies disabled on the client browser, the web app refuses authentication, (I presume does a post-back), and stays on Login.aspx. At the least, I'd like to display a message to the user when this happens. What I had been trying to do is redirect to a "no access" page that tells you that you don't have access and why you were denied, which is the default page I've set when a user tries to access content when he has not been assigned a Role that does have access.

Do you know how I can control this?
Was This Post Helpful? 0
  • +
  • -

Page 1 of 1