Search Results

Search found 1701 results on 69 pages for 'cookie'.

Page 35/69 | < Previous Page | 31 32 33 34 35 36 37 38 39 40 41 42  | Next Page >

  • X-Domain Cookies in iFrames

    - by John
    Hi Guys, I have a domain A.com which is my website. I want to allow the user to login and then I have embedded an iframe into domain B.com which attempts to grab the cookie from A.com to allow the user to be continued to be signed in. I can't seem to get this working in IE ? A new session gets set instead and the cookie is never retrieved. I have set a P3P policy ? Any ideas what I am doing wrong.

    Read the article

  • How do I let a user sign in from a different domain on Authlogic?

    - by Newy
    [This is slightly different than a previous question about having multiple domains share the same cookie. It seemed like there wasn't an easy way to do that.] I have a application at application.com. A customer has app.customer.com pointed at my site on Heroku, and I have everything set up so that it renders a specific version of app correctly. The issue is that I want a user at app.customer.com to be able to login. I believe authlogic is now setting the cookie on application.com, so while it verifies the credentials, no session on customer.com is ever created.

    Read the article

  • RewriteRule help

    - by Camran
    I have successfully setup htaccess to do this: domain.com/ad.php?ad_id=bmw_m3_2498224 INTO: domain.com/ads/bmw_m3_2498224 However, I have a link on the page which makes the page submit to itself... The link saves the ad inside a cookie: domain.com/ad.php?ad_id=bmw_m3_2498224&save=1 // Note the 'save' variable I need to make this work on the rewritten rule also, so this link: domain.com/ads/bmw_m3_2498224/save will save the cookie... I have this so far which DOES NOT work for the save part: RewriteRule ^annons/([a-zA-Z0-9_]+)$ ad.php?ad_id=$1 [NC,L] How can I include another rule to accomplish what I want? Thanks

    Read the article

  • ActiveRecordStore InvalidAuthenticityToken

    - by Andy
    I have recently been using cookie store and I want to transition to active record store. However I keep getting an invalid authenticity token. After deleting my cookies, I was able to access the page just fine, but I don't want all my users to come to my page, get a huge error and then figure out that I want them to delete their cookies. So I made a function called delete cookies: after_filter :delete_cookie def delete_cookie puts "deleting cookies" cookies.to_hash.each_pair do |k, v| puts k cookies.delete(k) end end In application controller, but it doesn't seem to be working correctly. I still see my cookie after visiting any page. I feel like there really should be a better solution but I can't seem to find any so far. Any hints?

    Read the article

  • Add HttpOnly flag to cookies on the fly with Apache?

    - by Zack
    So I have a java webapp that uses tomcat with an apache proxy layer. I'm looking to make all cookies set from the app have the httpOnly flag. The problem with this is that tomcat is responsible for setting the flag from the application side and its default (in servlet api 2.5) is false. I was hoping I could set this flag for all cookies on the fly using apache. I've been trying different combinations and the closest I have gotten is setting the last cookie passed to httpOnly which is of course wrong: Header append Set-Cookie "; HttpOnly" I have no way of knowing what cookies/values are going to be passed from the app. Is this even possible?

    Read the article

  • how does "recent history" work on sites for php? (PHP)

    - by ggfan
    I'm not sure if there is an explanation on SO for beginners, but if so, could you provide the links. I am interested in creating a "recent viewed" function that shows what links they clicked on before. I'm not sure if this is the 'correct' way to do it, but this is what I have so far... user clicks on a link(say ad.php?posting_id=12). if the user doesn't click on the link, no cookie or session is stored for the link if the user clicks on the link, it sets a cookie for $_cookie['ad.php?posting_id=22'] Each time the user clicks, more cookies are set In the recent viewed function, it gets all the $_cookie variables and displays them. if the user wants to clear the history, just destroy all the cookies I'm not sure if this is the way to do it, but is the viable? If not, what are the steps to create a "recent viewed" function

    Read the article

  • How to grab all cookies in Flash

    - by Leticia Meyer
    For a site I'm developing with a user login that uses cookies to store the session ID, a separate section of it uses Flash to provide content and such. Is there some way it can access the cookies that were set the by login? The name of the cookie will not the be same every time, as it is randomly generated, as well as its value. I then need to send the name and value of the cookie back to a page on the server to do additional stuff. Anyone know how to do this? Note that I didn't write the Flash interface, an the person who did doesn't know how to do this. Please help me, and thanks in advance!

    Read the article

  • Why are awkward numbers and letters in my query string??

    - by Nicole
    Hi everyone!! I have a MVC website and when I execute it, the query string (url) that appears is: http://localhost:6970/(S(51aegi45qneolxa0oxwuzh55))/default.aspx what the hell is that strange combination of numbers and letters??? please help!!!!! previously i had been working with the session expires to redirect to one of my views, could be something of that?? i have added the following action filter: public override void OnActionExecuting(ActionExecutingContext filterContext) { HttpContextBase ctx = filterContext.HttpContext; // check if session is supported if (ctx.Session != null) { // check if a new session id was generated if (ctx.Session.IsNewSession) { // If it says it is a new session, but an existing cookie exists, then it must // have timed out string sessionCookie = ctx.Request.Headers["Cookie"]; if ((null != sessionCookie) && (sessionCookie.IndexOf("ASP.NET_SessionId") >= 0)) { filterContext.HttpContext.Response.Redirect("~/Error/SesionExpirada", true); } } } base.OnActionExecuting(filterContext); } but if I put it in ignore it stills add that rare thing to my urls. Please help!!! thanks

    Read the article

  • IE sends multiple cookies with same name?

    - by akach
    I have a strange bug that occurs in IE7/XP and IE8/Vista on my website. IE sends two cookies named PHPSESSID. How to reproduce: Clear cookies in IE (not necessary if you never visited unisender.com). Visit unisender.com (exactly without www to reproduce!) and it will redirect to www.unisender.com Login with any valid username and password (I've registered username testmsdn with password testmsdn - feel free to use for testing) Run your favourite capture-the-traffic program (I prefer wireshark) Now click any menu link (e.g. "messages") Look at captured traffic - you will see that IE sends double PHPSESSID cookie (and you are logged out after click because of this). It seems like first PHPSESSID is from unisender.com and second from www.unisender.com. Captured sample: GET /en/letter_list HTTP/1.1 Accept: image/gif, image/jpeg, image/pjpeg, application/x-ms-application, application/vnd.ms-xpsdocument, application/xaml+xml, application/x-ms-xbap, application/x-shockwave-flash, / Referer: http://www.unisender.com/en/intro Accept-Language: ru User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0; Trident/4.0; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) ; SLCC1; .NET CLR 2.0.50727; .NET CLR 3.5.21022; .NET CLR 3.5.30729; FDM; .NET CLR 3.0.30729) Accept-Encoding: gzip, deflate Host: www.unisender.com Connection: Keep-Alive Cookie: authchallenge=3a9cfcfc9fe33822e3e21d75c8a3d3e4; PHPSESSID=14ea1cb133632951592397c86eaf037e; us_reg_ref=unknown; us_reg_url=http%3A%2F%2Funisender.com%2F; __utma=1.778517853.1271204400.1271204400.1271204400.1; __utmb=1.3.10.1271204400; __utmc=1; __utmz=1.1271204400.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=65e110aeb995a66b9dc8da5656c7a3da; last_login_name=testmsdn I've tried to use session and non-session cookies, tried to use .unisender.com instead of unisender.com for cookie - nothing helps. I suppose there should not be cookies with same name. Am I right? Is it a bug in IE? If it's a bug then is there a workaround? Or am I wrong and it's an expected behavior?

    Read the article

  • Accessing cookies in php which are set in java web application

    - by user866937
    I am setting a cookie at the domain level on encrypted connection in Java web application running on tomcat and I would like it to be accessible in a php web application running on a same domain but different subdomain. Java web application running on https://javaapp.mycompany.com php web application running on https://phpapp.mycompany.com/subpath/index.php From java, I am setting the cookie with following parameters: Domain: .mycompany.com Send For: Encrypted connections only Expires: After 2 months Path: /subpath Name: __C Value: 1 Dumping all the cookies from my php web application running on https, I do not see any cookies getting dumped by the php web application. Whereas if I set the cookies in Java for any type of connection, only then php web application is able to see them if I run the php app on http instead of https. I believe php web app should be able to retrieve then cookies set for https only and for particular domain and all immediate sub-domains. What am I doing wrong here? Thanks in advance for the help.

    Read the article

  • Javascript Phone Swap

    - by Batfan
    I've been trying to find a way to do this but, have not found many resources that specifically relate to this situation. I need a javascript (can make use of Jquery if need be) to swap phone numbers on a site. 2 numbers would be specified. One would show on the site by default. The script needs to be able to create a cookie and do this by recognizing a value in the URL string. For Example: http://www.site.com/index.html?value= '?value=' would be the value. This URL (with the additional variable) would bring the user to the same site but, the variable in the string would set the cookie and display a different number. The default number would not be displayed again until the cookies were removed. Due to the situation with my server, I cannot make use of PHP ( I know, that would make things alot easier :P ) Any help would be greatly appreciated.

    Read the article

  • how does this animation work?

    - by icicleking
    I'm working with cookies to run or not run a jQuery animation someone else built: $(function () { $('div.transitional').click(function () { $('div.intro').removeClass('hidden'); $('div.final').off('click'); }); ShowDiv($("div.transitional.hidden")[0]); }); function ShowDiv(target) { target = $(target); target.removeClass('hidden'); target.delay(500).animate({ opacity: 1.0 }, 300, 'easeInExpo', function () { ShowDiv($("div.transitional.hidden")[0]); }) } I have the cookie part working, but I'm confused about the anonymous function and the "ShowDiv" function. What is each part doing? Functionally, the animation makes visible a series of pictures, then the whole site. I want to skip the animation and just make the whole site visible(if cookies='visited'). I'd like to do this without rewriting the animation script. here's a link. What happens now is if you have the cookie the animation doesn't run and everything is hidden.

    Read the article

  • Can Apache configuration check cookies?

    - by nickf
    My situation: We have a mobile version of our website, and want to start redirecting mobile users to it. The plan is to do this in Apache httpd.conf or .htaccess, using something like this: RewriteEngine On RewriteCond %{HTTP_USER_AGENT} (iPhone|Blackberry|...) RewriteRule (.*) mobile/$1 However we want there to be a way for users to override our default action of redirecting them. One way we thought to do it was to show a link on the mobile site directing back to the regular site, and store a cookie when they use that link. Could the Apache configuration file check a cookie before redirecting? Is there a better way?

    Read the article

  • Authenticating a user for a single app with multiple domains

    - by hofnarwillie
    I have one asp.net web application, but two different domains point to this web app. For instance: www.one.com and www.two.com both point to the same web app. I have an issue where I need certain pages to be on a specific domain (due to some security requirements from our online payment provider - a third party website). So let's say page1.aspx needs to be called on www.two.com The process is as follows: A user logs into www.one.com The authentication cookie is saved to the browser The user then navigates to page1.aspx and, if on the wrong domain, gets redirected to the correct domain. (this redirection happens on page1.aspx in the page_load event) Then asp.net redirects the user to the login screen, because the authentication cookie is not sent to www.two.com. How can I track the user and keep him/her logged in between the two domains?

    Read the article

  • Improved way to build nested array of unique values in javascript

    - by dualmon
    The setup: I have a nested html table structure that displays hierarchical data, and the individual rows can be hidden or shown by the user. Each row has a dom id that is comprised of the level number plus the primary key for the record type on that level. I have to have both, because each level is from a different database table, so the primary key alone is not unique in the dom. example: id="level-1-row-216" I am storing the levels and rows of the visible elements in a cookie, so that when the page reloads the same rows the user had open are can be shown automatically. I don't store the full map of dom ids, because I'm concerned about it getting too verbose, and I want to keep my cookie under 4Kb. So I convert the dom ids to a compact json object like this, with one property for each level, and a unique array of primary keys under each level: { 1:[231,432,7656], 2:[234,121], 3:[234,2], 4:[222,423], 5:[222] } With this structure stored in a cookie, I feed it to my show function and restore the user's previous disclosure state when the page loads. The area for improvement: I'm looking for better option for reducing my map of id selectors down to this compact format. Here is my function: function getVisibleIds(){ // example dom id: level-1-row-216-sub var ids = $("tr#[id^=level]:visible").map(function() { return this.id; }); var levels = {}; for(var i in ids ) { var id = ids[i]; if (typeof id == 'string'){ if (id.match(/^level/)){ // here we extract the number for level and row var level = id.replace(/.*(level-)(\d*)(.*)/, '$2'); var row = id.replace(/.*(row-)(\d*)(.*)/, '$2'); // *** Improvement here? *** // This works, but it seems klugy. In PHP it's one line (see below): if(levels.hasOwnProperty(level)){ if($.inArray(parseInt(row, 10) ,levels[level]) == -1){ levels[level].push(parseInt(row, 10)); } } else { levels[level] = [parseInt(row, 10)]; } } } } return levels; } If I were doing it in PHP, I'd build the compact array like this, but I can't figure it out in javascript: foreach($ids as $id) { if (/* the criteria */){ $level = /* extract it from $id */; $row = /* extract it from $id */; $levels[$level][$row]; } }

    Read the article

  • WP: redirect users to a certain category using cookies

    - by kass
    Basically like cragslist. once you select city on craigslist, nexttime when you go to the site, it redirects you to the city you selected. What I want to achieve: When a person comes to the site and selects a particular category, the next time they come to the site (returning user) - the page will open up on that category section. I would think this would be fairly easy to do via setting a cookie when the visitor clicks on the category link (or when the category page loads). When they return the following time, the cookie is read and then the page redirects accordingly. Unfortunately my knowledge of PHP and cookies is limited, (hence my search for answers) so I need to ask if anyone can help me out! Anyone have any ideas? Thanks!

    Read the article

  • Google App Engine, Java, and HTTP Performance

    - by polyclef
    A friend and I are currently working on a turn-based game with chat with both desktop browser and Android clients, with Google App Engine as the server. We're using the Java API for GAE and using HTTP for communication with the server. We've implemented simple chat functionality, and we're getting undesirable latencies 1-3 seconds from both the browser and Android clients while just posting simple one-word chat messages. My friend thought it would be best to use XMPP instead of HTTP, but we want to use a Google Accounts cookie for authentication from the Android client, and according to the GAE documentation, XMPP clients cannot use a Google Accounts cookie and must use the user's password. Does anyone have any suggestions as to where the latency might be coming from, how to troubleshoot it, and/or what to do about it? Also, is anyone aware of any opensource implementations of chat (or something similar) on GAE done in Java? Can't seem to find any.

    Read the article

  • Prevent Cookies From Being Sent on AJAX Request

    - by user340571
    Hello everyone, I have a web service that I invoke from script but that does not need any information stored in cookies. Anytime I make a request to the service, the cookie is sent along with it. I understand that by default cookies are sent with HTTP request, but is there any way at all to overwrite that behavior and not send the cookie? In a nutshell, I am issuing my request like this: $.ajax({ type: "POST", cache: false, url: url, data: data, contentType: "application/json; charset=utf-8", dataType: "json", success: function(response) { successFunc(response); }, error: function(xhr) { errorFunc(xhr); } });

    Read the article

  • Checking if cookies are enabled doesn't work in IE8

    - by the_V
    Hi, I'm trying to create a script that would determine if cookies are enabled and do some work if not. This is the code I use: var cookieEnabled = (window.navigator.cookieEnabled) ? true : false; if (typeof navigator.cookieEnabled == "undefined" && !cookieEnabled) { document.cookie = "testcookie" cookieEnabled = (document.cookie.indexOf("testcookie") != -1) ? true : false } if (cookieEnabled == false) { // do some work } The problem is that in IE8 it causes nothing to happen when I set cookies to be blocked in browser options. So, navigator.cookieEnabled is always true. This stuff works perfectly in Chrome and FireFox. Am I doing anything wrong?

    Read the article

  • asp.net: moving from session variables to cookies

    - by P a u l
    My forms are losing session variables on shared hosting very quickly (webhost4life), and I think I want to replace them with cookies. Does the following look reasonable for tracking an ID from form to form: if(Request.Cookies["currentForm"] == null) return; projectID = new Guid(Request.Cookies["currentForm"]["selectedProjectID"]); Response.Cookies["currentForm"]["selectedProjectID"] = Request.Cookies["currentForm"]["selectedProjectID"]; Note that I am setting the Response cookie in all the forms after I read the Request cookie. Is this necessary? Do the Request cookies copy to the Response automatically? I'm setting no properties on the cookies and create them this way: Response.Cookies["currentForm"]["selectedProjectID"] = someGuid.ToString(); The intention is that these are temporary header cookies, not persisted on the client any longer than the browser session. I ask this since I don't often write websites.

    Read the article

  • curl multiple request session issue

    - by embedded
    I'm using curl multi API for multiple curl requests. first I'm using a single request to login to a site and save the cookie file. then I'm using the curl multi API to get some data from that site. The problem I'm facing is that from some reason the cookie file does not get read and I'm redirecting to the main login page. I must say that this work once in awhile so I can't point what went wrong. Any help would be much appreciated. Thanks

    Read the article

  • Rails gives wrong headers after upgrade 2.3.5 -> 2.3.8

    - by macsniper
    I just upgraded from rails 2.3.5 to rails 2.3.8, but now my redirects are not working properly. I get the following as the response HTTP Headers: HTTP/1.1 302 Moved Temporarily Date: Wed, 02 Jun 2010 09:40:39 GMT Content-Length: 93 Content-Type: text/html whereas I got previous: HTTP/1.1 302 Moved Temporarily Connection: close Date: Wed, 02 Jun 2010 09:41:18 GMT Set-Cookie: _session_id=<correct id>; path=/ Status: 302 Found Location: <correct url> Cache-Control: no-cache Server: Mongrel 1.1.5 Content-Type: text/html; charset=utf-8 Content-Length: 93 Anyone knows how to fix this? Despite the fact that the redirect is not working, the login-cookie is not set too (but I think, this is both related somehow). I have already tried to override redirect_to in order to set response.headers['Location'] etc., but they did not appear in the response.

    Read the article

  • session fixation

    - by markiv
    Hi All, I am new to web development, and trying to get a hold on security issues. I went through this article on http://guides.rubyonrails.org/security.html these are some of the steps the author has mentioned how an attacker fixes session. 1. The attacker creates a valid session id: He loads the login page of the web application where he wants to fix the session, and takes the session id in the cookie from the response (see number 1 and 2 in the image). 2. He possibly maintains the session. Expiring sessions, for example every 20 minutes, greatly reduces the time-frame for attack. Therefore he accesses the web application from time to time in order to keep the session alive. 3. Now the attacker will force the user’s browser into using this session id (see number 3 in the image). As you may not change a cookie of another domain (because of the same origin policy), the attacker has to run a JavaScript from the domain of the target web application. Injecting the JavaScript code into the application by XSS accomplishes this attack. Here is an example: <script>?document.cookie="_session_id=16d5b78abb28e3d6206b60f22a03c8d9";?</script>. Read more about XSS and injection later on. 4. The attacker lures the victim to the infected page with the JavaScript code. By viewing the page, the victim’s browser will change the session id to the trap session id. 5. As the new trap session is unused, the web application will require the user to authenticate. 6. From now on, the victim and the attacker will co-use the web application with the same session: The session became valid and the victim didn’t notice the attack. I dont understand couple of points. i) why is user made to login in step5, since session is sent through. ii) I saw possible solutions on wiki, like user properties check and others why cant we just reset the session for the user whoever is login in when they enter username and password in step5? Thanks in advance Markiv

    Read the article

  • Problems deleting cookies, won't unset (PHP).

    - by RemiX
    I've tried searching the php manual and internet on how to delete cookies and I've tried it the exact same way they all say: setcookie("name", '', 1); or setcookie("name", '', time()-3600); But when I check the cookies in the cookies dialog in Firefox, it's still there with the same value. I set this cookie using the following line: setcookie("name", $value, time() + 259200, $path); I found this question on stackoverflow: http://stackoverflow.com/questions/2497501/cookie-wont-unset, but none of the answers solved the problem. I also tried putting all paramaters in, like the author said, but it had no effect. Does anyone see the problem?

    Read the article

< Previous Page | 31 32 33 34 35 36 37 38 39 40 41 42  | Next Page >