Mike Chabot wrote: > The referrers are all "-" although I only examined one week of log > files. All the users with the issue are using Firefox, but that may > just be a coincidence. > > This organization has hundreds of CF apps under the same domain. If > someone is using domain cookies, then the problem could be anywhere. I > noticed that nearly all the problem cookies contain jsessionids. The > department I am working with doesn't use jsessionids, so these values > must be getting set by another department in the organization.
That is a plausible explanation: somebody tries to add some extra security by removing CFID and CFTOKEN cookies to force the use of a jsessionid. You might want to try and do a DNS listing for the entire domain and set up a crawler that examines the cookie responses of each site. Jochem ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| ColdFusion 8 - Build next generation apps today, with easy PDF and Ajax features - download now http://download.macromedia.com/pub/labs/coldfusion/cf8_beta_whatsnew_052907.pdf Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:289591 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
