Re: Session cookies disappear!

Tech-Archive recommends: Fix windows errors by optimizing your registry

From: Mark Schupp (notvalid_at_email.net)
Date: 03/18/05 

Date: Thu, 17 Mar 2005 17:36:55 -0800

It is not IIS it is IE that is dropping cookies and it is by design.

http://support.microsoft.com/default.aspx?scid=kb;en-us;316112 

-- 
--Mark Schupp
Head of Development
Integrity eLearning
www.ielearning.com
"Adam Short" <adam@phuture-uk.net> wrote in message 
news:%23k5EBjzKFHA.2796@tk2msftngp13.phx.gbl...
> If this is a random occurrance, you're not alone.
>
> I think I have found the solution though.  If the server is a Windows
> server, which I suspect it is, the name of the server must not contain any
> _.
>
> Micorsoft IIS6 randomly drops sessions by design if an underscore _ is
> contained in the server name, some sort of security flaw or something.  To
> fix the problem make sure the machine name does not have an _ and make 
> sure
> the workgroup it belongs to does not have an _.
>
> I recently experienced this problem on a new server I am renting and 
> changed
> the workgroup as stated above and it seems to be stable.
>
> Try it and see
>
> "Nicolae Fieraru" <nospam@please.com> wrote in message 
> news:4238fa1d$1@duster.adelaide.on.net...
>> Hi All,
>>
>> I recently discovered that my session cookies on the web host disappear 
>> within 30 seconds.
>> I created some very simple asp scripts (it took me a while until I 
>> discovered why my shopping cart acts very weird...) to check the session 
>> cookies.
>>
>> On one asp page I set up cookies:
>>
>> setcookie.asp
>> <%
>> Session("TransactionID") = 15
>> Session("CustomerID") = 1
>> %>
>>
>> and on
>>
>> readcookie.asp
>> <%
>> response.write "Session(""TransactionID"")=" & Session("TransactionID") & 
>> "<br>"
>> response.write "Session(""CustomerID"")=" & Session("CustomerID") & 
>> "<br>"
>> %>
>>
>> The same asp pages run on my XP Pro show that the session cookies don't 
>> expire as long as I close the browser, while on the remote web server, if 
>> I do a refresh on readcookie.asp after 30 seconds, they are gone.
>>
>> I run ASP on the server and all I know is that it is a Plesk server. No 
>> idea if it actually a Linux server or a Windows one...
>> Do I have to setup expiry time or something for session cookies?
>> Any information appreciated.
>>
>> Regards,
>> Nicolae
>>
>
>

Relevant Pages

  • Re: Attempt to de-mystify AJAX
    ... >> poster said "I don't want to hodl tons of data in a hidden frame, ... I never use cookies so a user ... How do you "break" the session key? ... > as needed back to the server. ...
    (comp.databases.pick)
  • Re: Attempt to de-mystify AJAX
    ... "Hyperlinks" always open a new browser window. ... What I meant is that the server, from its state tables, can easily determine ... >>> around cookies and JS, but it seems to be tough. ... >>> 1) use cookies to maintain the session key and hope that the expiration ...
    (comp.databases.pick)
  • Re: NotificationSampleWebDav-Monitor OWA Inbox
    ... when you send your authentication cookies along a request in the ... the response should also contain new cookies. ... Can you guide me how can I update the cookie with new response. ... Warning: Exiting Action with an exception: The remote server returned ...
    (microsoft.public.exchange.applications)
  • Re: Cross-domain cookie updating ?
    ... It's not strictly a PHP question, but something that PHP guys would know the answer to. ... Let's say we have a HTML page from domain example.com, and that HTML page makes a request to example.com to return a JavaScript file. ... If the file being returned has updated cookie information in the response header, then I imagine the cookies for example.com get updated. ... What if the JS file it's requesting is actually to a different unrelated domain server that's going to return a JavaScript file with updated cookies in the response header. ...
    (comp.lang.php)
  • Re: PHP/MySQL oldies
    ... > secure when you leave it lying around in a PHP file on your web server? ... safe mode is always enabled, ... is using cookies ...
    (uk.net.web.authoring)