Search Results

Search found 1926 results on 78 pages for 'cookie monster'.

Page 9/78 | < Previous Page | 5 6 7 8 9 10 11 12 13 14 15 16  | Next Page >

  • Spring Security RememberMe Services with Session Cookie

    - by Jarrod
    I am using Spring Security's RememberMe Services to keep a user authenticated. I would like to find a simple way to have the RememberMe cookie set as a session cookie rather than with a fixed expiration time. For my application, the cookie should persist until the user closes the browser. Any suggestions on how to best implement this? Any concerns on this being a potential security problem? The primary reason for doing so is that with a cookie-based token, any of the servers behind our load balancer can service a protected request without relying on the user's Authentication to be stored in an HttpSession. In fact, I have explicitly told Spring Security to never create sessions using the namespace. Further, we are using Amazon's Elastic Load Balancing, and so sticky sessions are not supported. NB: Although I am aware that as of Apr. 08, Amazon now supports sticky sessions, I still do not want to use them for a handful of other reasons. Namely that the untimely demise of one server would still cause the loss of sessions for all users associated with it. http://aws.amazon.com/about-aws/whats-new/2010/04/08/support-for-session-stickiness-in-elastic-load-balancing/

    Read the article

  • Hide table rows if Cookie is there

    - by kuswantin
    Based on my previous question here and here, I found that I can set a cookie with javascript. I want to combine it with jquery to have a cookie state set for toggled table rows. I want to keep the hidden rows hidden upon reload. Here is what I have achieved so far: // Load cookies if any if(readCookie('togState')) { $('table#toggle tr.' + readCookie('togState')).hide(); } $(function() { $('table#toggle tr.container').click(function() { var idTog = $(this).attr('id'); $(this).toggleClass('off').nextAll('.' + idTog).toggle(); setCookie('togState', idTog, 30); alert('Cookies: ' + readCookie('togState')); }); }); As you can see the cookie is read, but is not set upon browser refresh. What am I doing wrong? What I want is hide any toggled rows (having their classes equal to their parent's container ID), if the parent container is clicked, and so the cookie is set. Any help would be very much appreciated. Thanks.

    Read the article

  • Cookie blocked/not saved in IFRAME in Internet Explorer

    - by Piskvor
    I have two websites, let's say they're example.com and anotherexample.net. On anotherexample.net/page.html, I have an IFRAME SRC="http://example.com/someform.asp". That IFRAME displays a form for the user to fill out and submit to http://example.com/process.asp. When I open the form ("someform.asp") in its own browser window, all works well. However, when I load someform.asp as an IFRAME in IE 6 or IE 7, the cookies for example.com are not saved. In Firefox this problem doesn't appear. For testing purposes, I've created a similar setup on http://newmoon.wz.cz/test/page.php . example.com uses cookie-based sessions (and there's nothing I can do about that), so without cookies, process.asp won't execute. How do I force IE to save those cookies? Results of sniffing the HTTP traffic: on GET /someform.asp response, there's a valid per-session Set-Cookie header (e.g. Set-Cookie: ASPKSJIUIUGF=JKHJUHVGFYTTYFY), but on POST /process.asp request, there is no Cookie header at all. Edit3: some AJAX+serverside scripting is apparently capable to sidestep the problem, but that looks very much like a bug, plus it opens a whole new set of security holes. I don't want my applications to use a combination of bug+security hole just because it's easy. Edit: the P3P policy was the root cause, full explanation below.

    Read the article

  • How to hide div serverside by reading cookie

    - by user338109
    I am using following a tutorial from here: http://www.shopdev.co.uk/blog/cookies-with-jquery-designing-collapsible-layouts/ This is the script I use: <script type="text/javascript" language="javascript"> $(function() { // SETUP: // When the info banner is clicked: $('#setup').click(function() { $('#intro').css("display","none"); $.cookie('intro', 'collapsed'); }); // COOKIES // Info banner state var intro = $.cookie('intro'); // READ THE COOKIES if (intro == 'collapsed') { $('#intro').css("display","none"); }; }); </script> The script hides the following div as the cookie is read: <div class="feedback attention" id="intro"> Text goes here <a id="setup" href="#">Ok I get it, please hide this</a> </div> Everything work great but when the page loads the div is shown for a split second. I guess the solution is to present two different pieces of markup serverside according to the cookie info. I have no idea how to go about this.

    Read the article

  • Storing an encrypted cookie with Rails

    - by J. Pablo Fernández
    I need to store a small piece of data (less than 10 characters) in a cookie in Rails and I need it to be secure. I don't want anybody being able to read that piece of data or injecting their own piece of data (as that would open up the app to many kinds of attacks). I think encrypting the contents of the cookie is the way to go (should I also sign it?). What is the best way to do it? Right now I'm doing this, which looks secure, but many things looked secure to people that knew much more than I about security and then it was discovered it wasn't really secure. I'm saving the secret in this way: encryptor = ActiveSupport::MessageEncryptor.new(Example::Application.config.secret_token) cookies[:secret] = { :value => encryptor.encrypt(secret), :domain => "example.com", :secure => !(Rails.env.test? || Rails.env.development?) } and then I'm reading it like this: encryptor = ActiveSupport::MessageEncryptor.new(Example::Application.config.secret_token) secret = encryptor.decrypt(cookies[:secret]) Is that secure? Any better ways of doing it? Update: I know about Rails' session and how it is secure, both by signing the cookie and by optionally storing the contents of the session server side and I do use the session for what it is for. But my question here is about storing a cookie, a piece of information I do not want in the session but I still need it to be secure.

    Read the article

  • cURL Affects Cookie Retrieval in PHP?

    - by CJ
    I'm not sure if I'm asking this properly. I have two PHP pages located on the same server. The first PHP page sets a cookie with an expiration and the second one checks to see if that cookie was set. if it is set, it returns "on". If it isn't set, it returns "off". If I just run the pages like "www.example.com/set_cookie.php" AND "www.example.com/is_cookie_set.php" I get an "on" from is_cookie_set.php. Heres the problem, on the set_cookie.php file I have a function called is_set. This function executes the following cURL and returns the contents ("on" or "off"). Unfortunately, the contents are always returned as "off". however, if I check the file manually ("www.example.com/is_cookie_set.php") I can see that the cookie was set. Heres the function : <?php function is_set() { $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, 'http://example.com/is_cookie_set.php'); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); $contents = curl_exec ($ch); curl_close ($ch); echo $contents; } ?> Please note, I'm not using cURL to GET or SET cookies, only to check a page that checks if the cookie was set. I've looked into CURLOPT_COOKIEJAR, and CURLOPT_COOKIEFILE, but I believe those are for setting cookies via cURL and I don't want to do this.

    Read the article

  • Perl Cookie not working

    - by grosseskino
    Hi! I already spent all day looking for an answer for this: I am using Perl with LWP::UserAgent and HTTP::Cookies. My problem is that I can't get past an cookie-base age-check. In Perl I use this code: my $browser = LWP::UserAgent->new; my $resp = $browser->get( $url, 'User-Agent' => 'MySpider/1.0' ); #Cookie Setup my $cookies = HTTP::Cookies->new(); $cookies->set_cookie(1,'age_check', '1','/','.example.com/', 80, ,0,3354512128, 0); $browser->cookie_jar($cookies); The Site is setting the Cookie with JavaScript function saveSplash(domain) { var expDate = new Date(); expDate.setTime(expDate.getTime()+(1*24*3600*1000)); setCookie("age_check", 1, expDate, '/', domain); setCookie("screen_width", getScreenWidth(), expDate, '/', domain); } This is the Cookie saved by my browser: age_check 1 example.com/ 1088 3354512128 30140182 2646218624 30139981 Any idea what I am doing wrong? Thanks in advance guys!

    Read the article

  • How do I assign a non-persistent (in-memory) cookie in ASP.NET?

    - by Jørn Schou-Rode
    The following code will send a cookie to the user as part of the response: var cookie = new HttpCookie("theAnswer", "42"); cookie.Expires = DateTime.Now.AddDays(7); Response.Cookies.Add(cookie); The cookie is of the persistent type, which by most browsers will be written to disk and used across sessions. That is, the cookie is still on the client's PC tomorrow, even if the browser and the PC has been closed in between. After a week, the cookie will be deleted (due to line #2). Non-persistent/in-memory cookies are another bread of cookies, which have a lifespan determined by the duration of the client's browsing session. Usually, such cookies are held in memory, and they are discarded when the browser is closed. How do I assign an in-memory cookie from ASP.NET?

    Read the article

  • ASP.NET MVC Authentication Cookie Not Being Retrieved

    - by Jamie Wright
    I am having a hard time implementing "Remember Me" functionality in an MVC application with a custom principal. I have boiled it down to ASP.NET not retrieving the authentication cookie for me. I have included a snaphot below from Google Chrome. Shows the results of Request.Cookies that is set within the controller action and placed in ViewData for the view to read. Notice that it is missing the .ASPXAUTH cookie Shows the results from the Chrome developer tools. You can see that .ASPXAUTH is included here. Does anyone know what the issue may be here? Why does ASP.NET not read this value from the cookie collection?

    Read the article

  • Chrome Browser: Cookie lost on refresh

    - by Nirmal
    I am experiencing a strange behaviour of my application in Chrome browser (No problem with other browsers). When I refresh a page, the cookie is being sent properly, but intermittently the browser doesn't seem to pass the cookie on some refreshes. This is what I am using for page headers: header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT"); header("Cache-Control: no-cache, must-revalidate"); // HTTP/1.1 header("Expires: Thu, 25 Nov 1982 08:24:00 GMT"); // Date in the past Do you see any issue here that might affect the cookie handling? Thank you for any suggestion.

    Read the article

  • Cookie: ASP.NET SessionId Issue

    - by LB
    I have a load generator that appends a ASP.NET_SessionId to the Cookie when making a Soap test call from Machine A to Machine B. Cookie: ASP.NET_SessionId=gf0ouay24sdneiuicpiggn45; However, when I'm running the soap test hitting my local server it doesn't have an ASP.NET_Session variable in the cookie. Why is this happening? UPDATE: I'm getting this issue now on the server: Forms authentication failed for the request. Reason: The ticket supplied was invalid. I've followed this: http://msmvps.com/blogs/omar/archive/2006/08/20/108307.aspx But to no avail.

    Read the article

  • Get and Set a Single Cookie with Node.js HTTP Server

    - by Corey Hart
    I want to be able to set a single cookie, and read that single cookie with each request made to the nodejs server instance. Can it be done in a few lines of code, without the need to pull in a third party lib? var http = require('http'); http.createServer(function (request, response) { response.writeHead(200, {'Content-Type': 'text/plain'}); response.end('Hello World\n'); }).listen(8124); console.log('Server running at http://127.0.0.1:8124/'); Just trying to take the above code directly from nodejs.org, and work a cookie into it.

    Read the article

  • Apache MOD_REWRITE Domain Level Cookie

    - by BigMadKev
    I need to deal with Affiliate Tracking on our website. In our .htaccess we have: RewriteCond %{QUERY_STRING} affiliate=(.*) RewriteRule ^(.*)$ $1? [NC,R,L,co=AFFID:%1:%{HTTP:Host}:7200:/] Which creates a COOKIE called AFFID with the value of the URL Parameter affiliate. But the Cookie is not for the whole domain, i.e. Going to http://www.domain.com/?affiliate=bmk sets the AFFID cookie with the value bmk for .www.domain.com but I would like ti to be for .domain.com so that it can be used across our secure domain which will be secure.domain.com Any help would be appreciated Cheers

    Read the article

  • Cookie value to define style on page load

    - by zac
    I am using the scripts from here http://www.quirksmode.org/js/cookies.html and have successfully created a cookie.. but am having trouble doing anything with it. I would like to have a style defined if a cookie is present. The function for the readCookie is function readCookie(name) { var nameEQ = name + "="; var ca = document.cookie.split(';'); for(var i=0;i < ca.length;i++) { var c = ca[i]; while (c.charAt(0)==' ') c = c.substring(1,c.length); if (c.indexOf(nameEQ) == 0) return c.substring(nameEQ.length,c.length); } return null; } I am trying to use it on page load with something like this window.onload=function(){ var x = readCookie('myCookieValue'); if (x) { document.getElementById('div').innerHTML = "<style type=\"text/css\">.form {display:none}</style>"; } } What would be the correct way of writing this?

    Read the article

  • jQuery .get()/.post() doesn't send an updated cookie

    - by Markus
    Hello, I'am doing something like this: function setCookie(name, value, expire) { var exdate = new Date(); exdate.setDate(exdate.getDate()+expire); document.cookie=name+ "=" +escape(value)+((expire==null) ? "" : ";expires="+exdate.toGMTString()); } // When I click a button // Update the cookie setCookie("test", "1"); function getContent() { // Get the data of our new URL $.get("index.php", loadContent); } function loadContent(data) { // alert the new title // the PHP script is changing title after what cookie-value you have alert($("title", data).text()) } First of all, when Iam alerting it is still the last showing up. So I guess it doesn't send the changed cookies at all.. And for some reason I don't see the request in my Live HTTP Headers window... But also, if i request the URL(without the ajax) it works just fine What am I doing wrong here? Regards Markus

    Read the article

  • serving cached files based upon cookie?

    - by matthewsteiner
    So I realized something today. In my application, you really can't get anywhere (except the front page) unless you're logged in. And you can't be logged in without a cookie. So my front page could be cached, except the problem is if you are logged in (have a cookie set) then it should just redirect into the application. Is there a way for nginx to look for a cookie and if it finds it then deliver a cached file? Just an idea...

    Read the article

  • Using the same cookie in two logins

    - by cer9ss
    Hi everyone, I need your help I've a MVC project that uses Jquery, where I've implemented a mechanism of "Remember Me" using cookies to save, clear and retrieve the login and password. I also have two screens where the user does the login. I want that both logins manipulate the same cookie. I've got to implement it, but I've realized that each one has a different behaviour. I mean, the cookie's value I save in the first login is not the same than the value that retrieves the second login (when I open it). In other words, if I mark "remind me" on the first login, it isn't reflected on the second login and viceversa. What can I do to make that both of them manipulate and read the same values from the same cookie? Is it possible? PS: For this situations I'm using the same web navigator: Firefox or IE. Thanks in advance

    Read the article

  • Apache httpOnly Cookie Information Disclosure CVE-2012-0053

    - by John
    A PCI compliance scan, on a CentOS LAMP server fails with this message. The server header and ServerSignature don't expose the Apache version. Apache httpOnly Cookie Information Disclosure CVE-2012-0053 Can this be resolved by simply specifying a custom ErrorDocument for the 400 Bad Request response? How is the scanner determining this vulnerability, is it invoking a bad request then looking to see if it's the default Apache 400 response?

    Read the article

  • How to share session cookies between Internet Explorer and an ActiveX components hosted in a webpage

    - by jerem
    I am currently working on a .Net application which makes HTTP requests to some web applications hosted on a IIS server. The application is deployed through ClickOnce and is working fine on simple networks architectures. One of our customers has a very complex network involving a custom authentication server on which the user has first to log himself in order to be authenticated and get access to other applications on this network. Once authenticated on this server, a session cookie is created and sent to the user. Every time the user then makes a request on a secured server of the network, this cookie is checked to grant access to the user. If this cookie is not sent with the request, the user is redirected to the login page. The only browser used is Internet Explorer. This cookie cannot be accessed from our .net application since it is executed in another process than the Internet Explorer process which was used to log the user in, and thus is not sent with our requests, which cannot be completed since the server redirects every of our requests to the login page. I had a look at embedding my application into Internet Explorer by making the main control COM visible and creating it on an HTML page with an tag. It is working properly, however the sessions cookies set earlier in the browser are not sent when the ActiveX control makes web requests. I was hoping this sharing of the session information would be automatic (although I didn't really believe it). So my questions are : Is it possible to have access to this cookie in the embedded ActiveX? How? Does it make a difference to use a .Net COM-interop component instead of a "true" ActiveX control? Also, are there specific security words to describe this kind of behaviors (given that I am not an expert at all on security topics, this lack of proper terminology makes it a lot harder to find the needed resources)? My goal is to have my application's requests look the same from the requests made by the host browser's requests, and I thought that embedding the application as an ActiveX control into the browser was the only way to achieve this, however any suggestion on another to do this is welcome.

    Read the article

  • Increment variable for

    - by John Doe
    Hello. I have 30 divs with the same class on the same page. When i'm pressing the title (.pull) the content is sliding up (.toggle_container). When the content is hidden and i'm pressing the title again, the content is sliding down. Also, i want to store the div state inside a cookie. I modified my original code to store the div state inside a cookie but it's not working for all the divs (pull1, toggle_container1, pull2, toggle_container2 [...]), it's working only for the first one (pull0, toggle_container0). What i'm doing wrong? var increment = 0; if ($.cookie('showTop') == 'collapsed') { $(".toggle_container" + increment).hide(); }else { $(".toggle_container" + increment).show(); }; $("a.pull" + increment).click(function () { if ($(".toggle_container" + increment).is(":hidden")) { $(".toggle_container" + increment).slideDown("slow"); $.cookie('showTop', 'expanded'); increment++; } else { $(".toggle_container" + increment).slideUp("slow"); $.cookie('showTop', 'collapsed'); increment++; } return false; });

    Read the article

  • Best way for allowing subdomain session cookies using Tomcat

    - by Andrew Ingram
    By default tomcat will create a session cookie for the current domain. If you are on www.example.com, your cookie will be created for www.example.com (will only work on www.example.com). Whereas for example.com it will be created for .example.com (desired behaviour, will work on any subdomain of example.com as well as example.com itself). I've seen a few Tomcat valves which seem to intercept the creation of session cookies and create a replacement cookie with the correct .example.com domain, however none of them seem to work flawlessly and they all appear to leave the existing cookie and just create a new one. This means that two JSESSIONID cookies are being sent with each request. I was wondering if anybody has a definitive solution to this problem.

    Read the article

  • beforeClose not working in jGrowl?

    - by sparkymark75
    I have the following code which pulls json data from an ASP.NET page and displays these as notifications. The code will also take a note of what's been pulled through and store it in an array to prevent it being shown again in the same session. I'm now trying to implement functionality so that when the user closes a message, it's ID is recorded in a cookie to prevent it ever being shown again. To do this, I'm trying to write to the cookie when the beforeClose event fires. Everything else works fine apart from the saving to a cookie bit. Is there something wrong with my code that I'm missing? var alreadyGrowled = new Array(); var noteCookie = $.cookie("notificationsViewed"); if (noteCookie != null) { alreadyGrowled = noteCookie.split(","); } function growlCheckNew() { $.getJSON('getNotifications.aspx', function(data) { $(data).each(function(entryIndex, entry) { var newMessage = true; $(alreadyGrowled).each(function(index, msg_id) { if (entry['ID'] == msg_id) { newMessage = false; } }); if (newMessage == true) { $.jGrowl(entry['Message'], { sticky: true, header: entry['Title'], beforeClose: function(e, m) { $.cookie("notificationsViewed", entry['ID']); } }); } alreadyGrowled.push(entry['ID']); }); }); }

    Read the article

  • Accept Cookies inside Java code ?

    - by yox
    Hi, I'm dealing with a HTTP sockets project, I have to send 2 HTTP GET requests from my java code like this : Request 1 : call page X Page X is setting a cookie. Request 2 : call to page Y as you see to access the content of page Y i cookie must be present... how to accept a cookie from java code please ?

    Read the article

  • Getting setting cookies on different domains, with javascript or other

    - by Luca Matteis
    Haven't been able to find anything particular to this situation online so here i go... I need to set/get the cookies stored at "first.com" while browsing "second.com", I have full access of "first.com" but i only have javascript access (can manipulate the DOM as i want) on "second.com". My first approach was to create an iframe on second.com (with js) that loaded a page like "first.com/doAjax?setCookie=xxx" and that did an ajax call to say "first.com/setCookie?cookieData=xxx" which would set the cookie on "first.com" with the data we passed around. That pretty much worked fine for setting the cookie on first.com from second.com - for getting a cookie I basically followed the same procedure, created the iframe that loaded "first.com/doAjax?getCookie" and that would do an ajax call to say "first.com/getCookie" which would read the cookie info on first.com and return it as a JSON object. The problem is that I'm unable to bring that JSON cookie object back to "second.com" so I can read it, well maybe i could just bring it when the Ajax call is complete using "window.top" but there's timing issues because its not relative to when the iframe has been loaded. I hope i am clear and was wondering if there's an easier solution rather than this crazy iframe-ajax crap, also seems like this wont even work for getting cookies in SAFARI.

    Read the article

  • Simple Modal Window + jQuery Cookie

    - by w00t
    I use this plugin jQuery Simple Modal Window to display a modal window. I also use jQuery Cookie Plugin (jquery.cookie.js) to set cookies. How can I mix jQuery Simple Modal Window and jQuery Cookie? It`s necessary that after clicking on the "Continue" button, the cookies were set and the modal window in the future doesnt appear to users. I'm sorry, I'm just the beginner. This is my code: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title></title> <script type="text/javascript" src="js/jquery.js"></script> <script type="text/javascript" src="js/jquery.cookie.js"></script> <script type="text/javascript"> $(document).ready(function() { //Put in the DIV id you want to display launchWindow('#alert'); //if close button is clicked $('.window .close').click(function (e) { $('#mask').hide(); $('.window').hide(); }); }); //if close button is clicked $('.window .close').click(function (e) { //Cancel the link behavior e.preventDefault(); $('#mask').hide(); $('.window').hide(); }); //if mask is clicked $('#mask').click(function () { $(this).hide(); $('.window').hide(); }); function launchWindow(id) { //Get the screen height and width var maskHeight = $(document).height(); var maskWidth = $(window).width(); //Set heigth and width to mask to fill up the whole screen $('#mask').css({'width':maskWidth,'height':maskHeight}); //transition effect $('#mask').fadeIn(1000); $('#mask').fadeTo("slow",0.95); //Get the window height and width var winH = $(window).height(); var winW = $(window).width(); //Set the popup window to center $(id).css('top', winH/2-$(id).height()/2); $(id).css('left', winW/2-$(id).width()/2); //transition effect $(id).fadeIn(2000); } </script> <script type="text/javascript"> $(function() { $('#button').click(function(e) { $.cookie('the_cookie', '1', { expires: 999 }); }); }); </script> </head> <body> <!-- Start alert block --> <div id='boxes'> <div id='alert' class='window'> some text... <input type="button" id="button" value="" class='close warn_buttons'/> </div> <!-- Mask --> <div id='mask'></div> </div> <!-- End alert block --> </body> </html>

    Read the article

< Previous Page | 5 6 7 8 9 10 11 12 13 14 15 16  | Next Page >