Re: Cookies

---

• From: "Roland Hall" <nobody@nowhere>
• Date: Tue, 19 Apr 2005 04:41:42 -0500

---

"Jody" wrote in message
news:F7DAD4B2-D70B-4F3E-8F0F-3B4FA0E4BBFB@xxxxxxxxxxxxxxxx
: Hi Roland

Hi Jody...

: Is there a way to disable session cookies and if so what is the down
side?.
: We are using IIS 6 and a ASP eCommerce site with a SQL db if that matters.

Classic ASP or ASP.NET? In IE, Tools, Internet Options, Privacy, Advanced.
You can override cookie handling and permit, block, prompt first-third party
cookies and uncheck always allow session cookies. That means it is on a per
browser basis. This does nothing to the e-commerce site but may affect how
your users experience your site if you're using sessions.

Your e-commerce needs a way to track users. It's generally cookies,
sessions or a custom method. I use sessions with my shopping cart and that
requires session cookies. It does not require any other kind of cookies. I
also have some javascript I'm converting to server-side so javascript can
also be disabled and my cart will still work just fine. I personally think
it is ridiculous to disable javascript but people do.

My browser is set to prompt first-party cookies, disable third-party cookies
and always allow session cookies.

--
Roland Hall
/* This information is distributed in the hope that it will be useful, but
without any warranty; without even the implied warranty of merchantability
or fitness for a particular purpose. */
Online Support for IT Professionals -
http://support.microsoft.com/servicedesks/technet/default.asp?fr=0&sd=tech
How-to: Windows 2000 DNS:
http://support.microsoft.com/default.aspx?scid=kb;EN-US;308201
FAQ W2K/2K3 DNS:
http://support.microsoft.com/default.aspx?scid=kb;EN-US;291382


.

---

• References:
  • Cookies
    • From: Jody
  • Re: Cookies
    • From: Roland Hall
  • Re: Cookies
    • From: Jody

• Prev by Date: Re: Repost - Slow logon after SP1 on Windows 2003 Terminal Server for roaming profiles
• Next by Date: PAGEFILE (FAT or NTFS)
• Previous by thread: Re: Cookies
• Next by thread: Dual booting xp and 2003
• Index(es):
  • Date
  • Thread

---

Relevant Pages HACKING WITH JAVASCRIPT ... This tutorial is an overview of how javascript can be used to bypass ... You probably already know about sql injection, my goal is to explain how ... search forms, dynamic links, or session cookies. ... (select boxes, hidden fields, checkboxes and radio buttons, and cookies!). ... (comp.lang.java) Re: HACKING WITH JAVASCRIPT ... that javascript validation has allways been useless because its a client-side ... and 2 also hold for cookies, they are just an HTTP header and can easily be ... AFAIK SQL Injection has nothing to do with javascript ... > through search forms, dynamic links, or session cookies. ... (Bugtraq) HACKING WITH JAVASCRIPT ... This tutorial is an overview of how javascript can be used to bypass ... SQL INJECTIONS ... through search forms, dynamic links, or session cookies. ... (Bugtraq) Re: can not get access to security sites ... It sounds like you are blocking what is called 'per session cookies' from ... settings for mobile code control, such as limits on ActiveX and Java ... privacy control and Ad blocking features of Norton's Personal Firewall, ... (microsoft.public.windowsxp.security_admin) Re: saving session cookies? ... Cookie lifetime is set on server headers, typically session cookies will be only stored on memory if the server did not provide an expiration, but some applications set expiration dates for session cookies that makes the cookie be stored on disk. ... (Pen-Test)

---

• Windows
• Science
• Usenet

• Archive
• About
• Privacy
• Search
• Imprint

www.tech-archive.net  > Archive  > Windows  > microsoft.public.windows.server.general  > 2005-04