Cookie not renewing/overwriting in IE
Posted
by deceze
on Stack Overflow
See other posts from Stack Overflow
or by deceze
Published on 2010-04-05T05:14:43Z
Indexed on
2010/04/05
5:23 UTC
Read the original article
Hit count: 340
I have a weird quirk with cookies in IE. When a user logs into the site, I'm generating a new session id and hence need to overwrite the cookie. The flow is basically:
- Client goes to
https://secure.example.com/users/login
page, automatically receiving a session id - Client POSTs login credentials to same address
Client receives the following headers together with a 302 redirect to
https://secure.example.com/users/mypage
:CAKEPHP=deleted; expires=Sun, 05-Apr-2009 04:50:35 GMT; path=/
CAKEPHP=98hnIO23...; expires=Mon, 12 Apr 2010 04:50:36 GMT; path=/; secureClient is supposed to visit
https://secure.example.com/users/mypage
, presenting the new session id.
This works in all browsers, except IE (tested in 7 & 8). IE retains the old, unauthenticated session id, and is redirected back to the login page. It works on my local test environment (using a self-signed certificate at https://localhost:8443/...
), but not on the live server.
I'm using CakePHP and simply issue a $this->Session->renew()
, which produces the above cookie headers.
Any ideas how to get IE to accept the new cookie?
© Stack Overflow or respective owner