> Thanks for all your replies guy's. Now I think I have
> found the cause of why
> my CFID & CFTOKEN are always in the URL but it also raises
> another issue.
> Oh, and I should have said that I am using Fusebox4.1,
> sorry!
> In my fusebox.init.cfm file I have the following code;
> <cfset request.self = "index.cfm">
> <cfset request.myself = "#URLSessionFormat(
> '#request.self'#)>
That's missing quotes after urlsession format... although really you
don't need any pounds or quotes here:
<cfset request.myself = URLSessionFormat(request.self)>
> It is the ' URLSessionFormat' that is including the CFID &
> CFTOKEN in the
> URL string. The next problem is that this is only supposed
> to happen if
> cookies are disabled on the client machine. In my case
> cookies are enabled,
> I have changed the code to <cfset request.myself =
> "#request.self#")> and everything works fine
You don't need pounds unless you have quotes and in this case you
don't need quotes, so I'd just use <cfset request.myself =
request.self>, although ultimately I would think it would be better
not to have two variables for that same purpose.
> but it would appear that the check
> for cookies being
> active is failing. Can anyone confirm if the following
> code is causing the
> cookie check fail?
> <cfif isdefined("cookie.CFID") AND
> isdefined("cookie.CFTOKEN")>
> <cfset localcfid = cookie.CFID>
> <cfset localtoken = cookie.CFTOKEN>
> <cfcookie name="CFID" value="#localcfid#">
> <cfcookie name="CFTOKEN" value="#localtoken#">
> </cfif>
It shouldn't... though I'm not sure what it would actually
accomplish... If you're wanting the cookies to expire when the browser
is closed I believe you need to provide an expires value in the
cfcookie tag, and there's no reason you should need to set them to
local variables first, <cfcookie name="cfid" value="#cookie.cfid#">
should work fine.
Output the value of cfid and cftoken to the page. Open the page in a
new window (without them in the url) and refresh it... if the values
change, then you're still not accepting cookies. There are a number of
different things that could cause this, not just the browser... Could
be Norton Internet Security or any number of other
AV/Firewall/Anti-Spyware packages causing it.
I would guess that there might also be a number of circumstances in
which the acceptance of cookies can't be reliably detected... I don't
know how they implemented it, but I've seen some implementations of
cookie-checking that rely on javascript which introduces additional
opportunities for failure.
s. isaac dealey 954.522.6080
new epoch : isn't it time for a change?
add features without fixtures with
the onTap open source framework
http://www.fusiontap.com
http://coldfusion.sys-con.com/author/4806Dealey.htm
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~|
Discover CFTicket - The leading ColdFusion Help Desk and Trouble
Ticket application
http://www.houseoffusion.com/banners/view.cfm?bannerid=48
Message: http://www.houseoffusion.com/lists.cfm/link=i:4:218216
Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4
Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4
Unsubscribe:
http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
Donations & Support: http://www.houseoffusion.com/tiny.cfm/54
