There seems to be a bug the Internet Explorer 6 privacy settings. Despite significantly lax restrictions, we have had a lot of problems with IE 6 users and sites that use cookies to track sessions.
In troubleshooting the issue, we've attempted to add P3P privacy policies to our sites. We have tried altering the domain attribute on the cookies. We tried just about everything we could think of. The only workaround that we've found is to have the client add the site to their list of allowed sites (In the "Web Sites" section of the "Privacy" tab). This fixes the problem in every instance we've encountered. This is reasonably good work around for Intranet/Extranet sites. Obviously, however, it is not so good for public Internet sites. So far, we've left these sites "broken" and simply pointed our fingers at Microsoft. So, if someone has a true fix, please share it. Benjamin S. Rogers http://www.c4.net/ v.508.240.0051 f.508.240.0057 -----Original Message----- From: John Beynon [mailto:[EMAIL PROTECTED]] Sent: Thursday, August 29, 2002 5:32 AM To: CF-Talk Subject: RE: Big problem- session vars not saved in IE6 on CF5 And you know what - I'm debugging an app that used to work but doesn't anymore since the other day! Darn M$ Jb. -----Original Message----- From: Sandy Clark [mailto:[EMAIL PROTECTED]] Sent: 29 August 2002 02:23 To: CF-Talk Subject: RE: Big problem- session vars not saved in IE6 on CF5 I had the exact same problem this week when I upgraded my ie6 with the newest M$ patches. I have a form, which sends a login page to a script. Because the login page uses a submit button, the cookies for CFID and CFTOKEN would normally be set there. After processing, the login script cflocations the person to a new page. The funny thing is that I am not using CFLocation, but the Fusebox CF_Location tag which was not cookie problematic. The app works fine on Opera, Netscape 4.x and 6.2 as well as on IE < 6. The application was definitely losing cookies, I cfdumped all session variables and http_cookie changed each time. My ultimate solution was to pass (during the first CF_Location only), the CFID and CFTOKEN on the URL. After that I don't pass them and the application works fine. I checked all my settings in IE 6 and they were all accepting cookies. Very weird. Any other better solutions (or even better rational explanations for the problem) would be much appreciated. Sandy Clark -----Original Message----- From: Kym Kovan [mailto:[EMAIL PROTECTED]] Sent: Wednesday, August 28, 2002 8:14 PM To: CF-Talk Subject: Re: Big problem- session vars not saved in IE6 on CF5 Hi Don, >I am having a big problem with an old standard login system. This is the >most simple login system I know and have used it for years. > >It consists of: >Login form page >Login action page >Main page >Session variables tracking who is logged in > >The user enters in their login acct, the action page compares it against the >db, then sets some session variables and uses cflocation to forward them to >a new page or back to the login page if they fail. The application page >checks for the session variable to see if they're logged in and uses >cflocation to send them back to the login page if the var doesn't exist. I am slightly surprised that this has ever worked if I understand it correctly. Session and Client variables normally use cookies to control themselves, if not you have to use CFID and CFToken in your URLs. cflocation has a proviso that if you use it then any cookies set in the page before the cflocation tag will _not_ actually get sent to the browser under normal circumstances. This means that if you have a cflocation in your initial entry then your session may not well be set up properly..... -- Yours, Kym ______________________________________________________________________ Your ad could be here. Monies from ads go to support these lists and provide more resources for the community. http://www.fusionauthority.com/ads.cfm FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
