Security :: Internet Explorer 8 Denies Session Cookies
Jul 22, 2010
i am having this weird problem only when i deploy my site [localy Everything works fine] when you try loging in from IE 8, the page simple refreshes! and no authentication takes place After lot of research, i found out that Internet Explorer 8 denies session cookies and to confirm this, i unchecked Enable protected mode (can be found in, internet options, security), and then tried logging in, it worked perfectly fine just like it did in other browsers [Firefox and google chrome]. I have found one solution which is to lower the security level, but i cant tell every visitor on my site to do that since its not practical.
View 1 Replies
Similar Messages:
Mar 9, 2010
I am using ASP.NET Memberships and I have the timeout set to 100, when the user logs into the system in Internet Explorer (6 or 8) and then closes the window and tries to open it back up... It asks the user to login again. Why is that and how can I disable that?
View 3 Replies
Feb 5, 2010
I have an ASP.NET 2.0 site that stores a user's ID in session to indicate that they are logged in. In some situations, the user doesn't appear to stay logged in. I've been monitoring traffic in Fiddler, and some details I've found: The problem is 100% repeatable on an older laptop of mine when running IE7 and the project manager's laptop when running IE7. The problem does not ever occur on my current laptop running IE7, or any of these laptops when running FF. The problem occurs only in production--not on development, internal staging, or client staging. Production is the only load balanced environment, but the repeatability noted above makes me question load balancing as a factor.
When the page which sets Session("ID") = 1 sends a response back to the client, I can see a "Set-Cookie" header in all cases, which is creating the ASP.Net_Session_Id cookie (and it's HttpOnly). Subsequent requests to the server will send that cookie in the header on machines which are not exhibiting the problem, but not on machines that are, so either the cookie is getting deleted or the "Set-Cookie" header is being ignored.
The way logging in works is as follows: a page on [URL] has an iframe. The source of that iframe is a page on [URL]. A variety of pages served from [URL] take the user through the login/register process. The final step of [URL] is to redirect to a page back on [URL], including the user's ID in the querystring. This page on [URL] typically stores the ID in session, and then runs some JS to redirect the top level document to a new page, thus taking the user out of the iframe. This is a process that has worked for several years, with several values of [URL]. The one thing that may be different here is that in this case, the JS is simply destroying the iframe and some containing div's.
Another difference I see between scenarios where the problem occurs and where it doesn't is in the Google Analytics cookies. There is a difference when [URL] does its redirect to [URL] inside the iframe. When the problem does not occur, the request for SaveTheID.aspx includes a variety of Google Analytics cookies (__utma, __utmz, etc). When the problem does occur, this request does not include all the GA cookies (it's missing __utma, __utmz and __utmb). Production is the only environment where [URL] runs under SSL, so I thought that may be related. But we temporarily set up our staging copy of [URL] to use SSL, and that had no effect.
View 3 Replies
Feb 4, 2011
I have a requirement to open a new window from Internet Explorer, but the new window should be in new asp.net session. It should not share the same session of previous opened window or the parent window. How can it be possible? Any thoughts? I'm using window.open('mywindow.aspx') from parent page javascript to open new windows.
View 1 Replies
Jul 19, 2010
With-in my Web App, I would like to be able to create a completely new instance of Internet Explorer, keeping the original functioning as well. No problem doing a Response.Redirect or server.transfer to a new web page, but what I am trying to do here is to open a completely new explorer window. I would like to do so transferring a few session variables to it.
View 5 Replies
Nov 10, 2010
I am using ShDocVW.InternetExplorer class to spawn a new internet explorer object and to do some form filling stuffs(for some sharepoint works).It works fine in my own machine which has Windows 7 as the OS. But when I deployed the same thing in windows server 2003 machine, it does not pop up the internet explorer window. When I check the Task Manager, I could see a new iexplore process, but with Session ID = 0 (but session ID = 1 in windows 7). So, I see this is something regarding IIS Session isolation.So, is it possible to assign a ShDocVW.InternetExplorer instance to kind of a new System.Diagnostics.Process and achieve this task? Or can we start a new ShDocVW.InternetExplorer instance with session ID = 1?
View 3 Replies
Apr 25, 2010
i have a problem in my asp application . Im trying to protect the path for my application using this code :
Uri t = Request.UrlReferrer;
View 10 Replies
Jun 10, 2010
when i test this page http://www.catalogues4u.com.au/ViewCategory.aspx?catID=119 im getting the above error. to replicate this issue visit the above page in ie7 and you will get the prompt.
View 3 Replies
Feb 11, 2010
It has been a while since I've built an entire ASP.NET web application from the ground up but I'm about to jump in again. I've built many individual pages, controls, web parts, etc. recently, but nothting 'soup to nuts' for a couple of years. My question is in regards to login security control. I do not want to use the built in ASP.NET Memberhip functionality for various reasons and already have custom code that authenticates the user, controls passwords, login attempts, etc. I am really concerned though about how to validate that the user is logged in (and the best way to do it). For instance, right now I use a Base page that all of my .aspx pages inherit from. In the OnInit() method, it executes code which includes:
[Code]....
I set the Session["LoggedIn"] object to "true" after the user has successfully been authenticated at the Login.aspx page. So, when a user attempts to access any page in the application, if that Session object isn't true, they will be redirected (you can't visit any page without being logged in). This all works great, but I'm thinking I need something more and that brings me here. First, do I need more? Is this enough? I was thinking about creating a cookie with a GUID value and the SessionID (both encrypted perhaps?) and adding that to my Base page so it checks both the current Session["LoggedIn"] value
and the values in the cookie.
View 1 Replies
Apr 6, 2010
i have one application that is deployed in IIS at Remote Desktop. if i access that application from local system i am getting "Internet explorer cannot display the webpage" and it is running fine in Remote Desktop but not in Local system.
View 2 Replies
Jun 6, 2010
i want to close internet explorer on if a button is closed which i can do with this code
Page.ClientScript.RegisterClientScriptBlock(Me.GetType, "jcrCallerID", "window.close();", True)
this code is working fine for me but it is also coming up with warning which i dont want.
The warning is saying the webpage is trying to close do you want to continue closing the webpage yes /no
I want to avoide this warning and just close the browser windows.
View 3 Replies
Mar 18, 2010
How can I add an URL to the trusted site? It seems that there are stored in the registry, but where exactly?
The .net programm will run locally on each client.
Edit clarification: I want to do this programmaticly running C# code.
View 5 Replies
Aug 23, 2010
I am developing an ASP.NET 4.0 web application in which I am trying to use an iframe to load a third party website:
<iframe id="ifr1" src="http://newdomain.com?id=test&password=123"
width="100%" height="600px">
</iframe>
The newdomain.com is trying to place cookies in the browser and IE dosent like that. I have no control over the application hosted on the newdomain.com. I have read a lot of articles which talk about having a P3P information added to the header of the page which hosts the iframe. So in my application's Global.asax I have the following code:
protected void Application_BeginRequest(object sender, EventArgs e)
{
HttpContext.Current.Response.AddHeader("p3p", "CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"");
}
But this doesn't work and I am really confused now.
View 1 Replies
Jul 8, 2010
I'm just trying to sent a .wav file to Internet Explorer with an ASP.net Handler:
public void ProcessRequest(HttpContext context){ HttpResponse response = context.Response; response.ContentType = "audio/x-wav"; response.WriteFile("MyWav.wav"); response.AddHeader("Content-Length", "304578"); response.Flush();}
This works for Firefox and Chrome but I'm just presented with a blank screen in Internet Explorer. Why? (I've tried setting the "Content-Disposition" header. If I set it to "attachment" I am presented with the download dialog. If I set it to "inline", I just get a blank page like before. I want the wav file to play inline like here: [URL]
View 1 Replies
Feb 25, 2010
I am trying to write an app in asp for users that will run in the browser but not look like a browser so I want it to open without all the toolbars. So it should be just the Title bar then the page. We will create a shortcut to the page on the users desktops. Is there a way to do this?
View 3 Replies
Sep 21, 2010
i want to install firebug on IE.can you give me the links for free download of firebug
View 4 Replies
Jul 27, 2010
I am currently write an ASP.NET WebApplication in Visual Studio 2010. My default browser is Firefox. If I start an WebApplication, the WebApplication starts up in the same instance of Firefox. How is it possible to avoid it? How do I configure Visual Studio that the WebApplicaton starts in an new instance of Internet Explorer?
View 2 Replies
Oct 11, 2010
I am currently building a web project in which I would like to allow the user to navigate using either the back/forward button I created or the back and forward buttons in Internet Explorer to navigate my project.
View 1 Replies
Jan 17, 2011
i have created kiosk application in asp.net and i just want to hide address bar and internet explorer menus.
View 2 Replies
May 9, 2010
I have developed some aspx pages using visual studio 2008. I am authenticating using Active Directory services. I have kept a link button on my aspx page which says signout .What exactly i want to do is that i want the back button of my login page to be disabled so that when i press signout and when my login page loads users cant go back and thus forced to enter the login details. I am using c# as development language.
View 7 Replies
May 5, 2010
well actually i dont know really if this is MVC or not but I run this on MVC so i would run it here.I got a HUGE .js file , which run smoothly on Firefox , but internet explorer read like half of him (he makes some actions , some not)
also he doenst run alert("bla"); when i put it on him.other then that, when i copy and past the code to the head of the asp.net mvc view , it runs smoothly
here is my import from the head
<script src="Scripts/AppScripts/TestsAdministrator.js" type="text/javascript"></script> (also tried to do this with resolveURL);
and here is the function which some part of it doenst work (i wont type all the code unless you really want)
//Ajax - Drop down list event
$("#TestList").change(function () { [code]....
View 4 Replies
Jul 8, 2010
I have converted a table as an xml string that looks something like
<NewDataSet>
<officelist>
<OfficeID>2176</OfficeID>
<Office>My Office </Office>
<Region>Toronto</Region>
<Division>TO </Division>
How do I get this to a strict xml page where you can open and close the nodes (in IE) -like this xml feed
View 2 Replies
Nov 3, 2010
we want to have a button on the page of our internet explorer that saves the flash that is displayed/loaded in the browser window. A saving dialogue after pressing the button would be great.
View 5 Replies
Mar 29, 2011
I currently developing a ASP.NET web application.
The application is designed for Google Chrome. I would like to pop out IE when printing is involved because Chrome lack preview etc. at a button click the IE should open. Here's the code:
protected void btn_print_Click(object sender, EventArgs e)
{
System.Diagnostics.Process.Start("http://localhost/storeapp/printpage.aspx?orderno=" + Request.QueryString["orderno"].ToString() + "");
}
Here I have passed a particular orderno to the URL. But when I click nothing happens. I have set IE as default web browser. Why is this?
View 2 Replies
Jan 27, 2011
In my website, I returns a cookie in this way:
context.Response.Cookies.Add(new HttpCookie("MYCOOKIE", MyStringVar)
{
HttpOnly = false,
Expires = DateTime.Now.Add(GlobalSettings.AuthCookieDuration)
});
In development, everything works good in all browsers, but when I deploy the app to a server, only Firefox is able to log in (so it's the only one accepting the cookie). In the server, the app runs on the root of the server, there is not virtual path.
EDIT:
I've looked at it wit Fiddler, and the server is returning the cookie, no doubt. So the problem is that Chrome and IE are not accepting it.
View 1 Replies