Blocking of session cookies is _not_ default IE6. IE6 will block cookies if they are set by a third party by default, that's it. Creating a p3p policy file can allow bypass of this.
-- jon mailto:[EMAIL PROTECTED] Tuesday, July 29, 2003, 4:46:00 PM, you wrote: JB> Richard, JB> Is this happening in IE6? In this version, the default setting is to block all session cookies, unless the website has a programatic privicy policy or the user specifically adds the web domain to JB> the privicy list. In other words the session cookie is never set! JB> Keep in mind session cookies (CFID and CFTOKEN) are stored as a cookie on the client's machine. The client uses this information to pull the session variable. JB> So, this is not a Cold Fusion problem, but rather the way IE handles cookies. The workaround (other than using client variables) is to attached CFTOKEN and CFID into every URL and form-- this JB> will bypass this issue and provide Cold Fusion with a method to look up session variables. JB> Jeremy Brodie >>Recently, we've discovered that if someone logs in to our website in IE, >>then goes ahead and clears out their cache and cookies while logged in, >>they will never again be able to log in to our website. I'm pretty sure >>that this has something to do with the way that we use our session >>variables to track students, but I'm not sure. JB> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/cf_lists/index.cfm?method=subscribe&forumid=4 FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Get the mailserver that powers this list at http://www.coolfusion.com Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
