This seems to be affecting anyone using IE6 with the latest round of patches.
Does anyone know if M$ has recognized the problem and is there a decent thread anywhere about it? We are having issues enterprise wide and with more than just our cf servers. Trey > -----Original Message----- > From: Mark W. Breneman [mailto:[EMAIL PROTECTED]] > Sent: Thursday, August 29, 2002 10:37 AM > To: CF-Talk > Subject: RE: Big problem- session vars not saved in IE6 on CF5 > > Ok, so why does this only effect some people. > > I have 20ish sites that use sessions on my server and they have no > problems > that I have had reported to me. But, a client's server seems to have this > problem. > > MB > > > -----Original Message----- > From: Benjamin S. Rogers [mailto:[EMAIL PROTECTED]] > Sent: Thursday, August 29, 2002 10:22 AM > To: CF-Talk > Subject: RE: Big problem- session vars not saved in IE6 on CF5 > > > As I noted, we did try adding a P3P policy, created using the IBM P3P > Policy Editor. However, that did not fix the problem. We even tried > setting the privacy settings to their most lax state. That did not fix > the problem either. The only workaround to this bug that we've found is > to add the site to the listed of allowed sites, which seems to bypass > the whole privacy engine. > > Benjamin S. Rogers > http://www.c4.net/ > v.508.240.0051 > f.508.240.0057 > > -----Original Message----- > From: Smith, Matthew P -CONT(DYN) [mailto:[EMAIL PROTECTED]] > > Sent: Thursday, August 29, 2002 11:05 AM > To: CF-Talk > Subject: RE: Big problem- session vars not saved in IE6 on CF5 > > > This has come up a few times in discussion. > > I think we really need a good solution for the p3p policy and cold > fusion, > as I feel this is the root of the problem. P3p enforcement might be > adopted > by other(all) browers down the line, so it would probably be a good idea > to > get it solved now. > > I wonder if we could come up with a generic p3p policy document that > people > could incorporate into their site to allow the cookies we need for our > CF > apps? > > Funny thing is, asp.net apps have absolutely no problem placing their > cookies. Who woulda guessed? > > Here's a good thread about the issue: > http://webforums.macromedia.com/coldfusion/messageview.cfm?catid=3&threa > did= > 230279&highlight_key=y&keyword1=cookies&keyword2=p3p > > Anyone know of a good tutorial to get p3p implemented? I really don't > want > to know the ins and outs, just get around the default ie6 settings... I > guess that was what I was alluding to above. > > Matthew P. Smith > Web Developer, Object Oriented > Naval Education & Training Professional > Development & Technology Center > (NETPDTC) > (850)452-1001 ext. 1245 > [EMAIL PROTECTED] > > > >>-----Original Message----- > >>From: Benjamin S. Rogers [mailto:[EMAIL PROTECTED]] > >>Sent: Thursday, August 29, 2002 9:44 AM > >>To: CF-Talk > >>Subject: RE: Big problem- session vars not saved in IE6 on CF5 > >> > >>There seems to be a bug the Internet Explorer 6 privacy settings. > >>Despite significantly lax restrictions, we have had a lot of problems > >>with IE 6 users and sites that use cookies to track sessions. > >> > >>In troubleshooting the issue, we've attempted to add P3P privacy > >>policies to our sites. We have tried altering the domain attribute on > >>the cookies. We tried just about everything we could think of. > >> > >>The only workaround that we've found is to have the client add the > site > >>to their list of allowed sites (In the "Web Sites" section of the > >>"Privacy" tab). This fixes the problem in every instance we've > >>encountered. > >> > >>This is reasonably good work around for Intranet/Extranet sites. > >>Obviously, however, it is not so good for public Internet sites. So > far, > >>we've left these sites "broken" and simply pointed our fingers at > >>Microsoft. So, if someone has a true fix, please share it. > >> > >>Benjamin S. Rogers > >>http://www.c4.net/ > >>v.508.240.0051 > >>f.508.240.0057 > >> > >>-----Original Message----- > >>From: John Beynon [mailto:[EMAIL PROTECTED]] > >>Sent: Thursday, August 29, 2002 5:32 AM > >>To: CF-Talk > >>Subject: RE: Big problem- session vars not saved in IE6 on CF5 > >> > >> > >>And you know what - I'm debugging an app that used to work but doesn't > >>anymore since the other day! > >> > >>Darn M$ > >> > >>Jb. > >> > >>-----Original Message----- > >>From: Sandy Clark [mailto:[EMAIL PROTECTED]] > >>Sent: 29 August 2002 02:23 > >>To: CF-Talk > >>Subject: RE: Big problem- session vars not saved in IE6 on CF5 > >> > >> > >>I had the exact same problem this week when I upgraded my ie6 with the > >>newest M$ patches. > >> > >>I have a form, which sends a login page to a script. Because the > login > >>page > >>uses a submit button, the cookies for CFID and CFTOKEN would normally > be > >>set > >>there. After processing, the login script cflocations the person to a > >>new > >>page. > >> > >>The funny thing is that I am not using CFLocation, but the Fusebox > >>CF_Location tag which was not cookie problematic. > >> > >>The app works fine on Opera, Netscape 4.x and 6.2 as well as on IE < > 6. > >> > >>The application was definitely losing cookies, I cfdumped all session > >>variables and http_cookie changed each time. My ultimate solution was > >>to > >>pass (during the first CF_Location only), the CFID and CFTOKEN on the > >>URL. > >>After that I don't pass them and the application works fine. I > checked > >>all > >>my settings in IE 6 and they were all accepting cookies. Very weird. > >> > >>Any other better solutions (or even better rational explanations for > the > >>problem) would be much appreciated. > >> > >>Sandy Clark > >> > >>-----Original Message----- > >>From: Kym Kovan [mailto:[EMAIL PROTECTED]] > >>Sent: Wednesday, August 28, 2002 8:14 PM > >>To: CF-Talk > >>Subject: Re: Big problem- session vars not saved in IE6 on CF5 > >> > >> > >>Hi Don, > >> > >>>I am having a big problem with an old standard login system. This is > >>the > >>>most simple login system I know and have used it for years. > >>> > >>>It consists of: > >>>Login form page > >>>Login action page > >>>Main page > >>>Session variables tracking who is logged in > >>> > >>>The user enters in their login acct, the action page compares it > >>against the > >>>db, then sets some session variables and uses cflocation to forward > >>them to > >>>a new page or back to the login page if they fail. The application > >>page > >>>checks for the session variable to see if they're logged in and uses > >>>cflocation to send them back to the login page if the var doesn't > >>exist. > >> > >>I am slightly surprised that this has ever worked if I understand it > >>correctly. > >> > >>Session and Client variables normally use cookies to control > themselves, > >>if > >>not you have to use CFID and CFToken in your URLs. cflocation has a > >>proviso > >>that if you use it then any cookies set in the page before the > >>cflocation > >>tag will _not_ actually get sent to the browser under normal > >>circumstances. > >> > >>This means that if you have a cflocation in your initial entry then > your > >> > >>session may not well be set up properly..... > >> > >> > >>-- > >> > >>Yours, > >> > >>Kym > >> > >> > >> > >> > >> > > > ______________________________________________________________________ Get the mailserver that powers this list at http://www.coolfusion.com FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/[email protected]/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
