>What security zone is your site in, in the affected browsers? > >Are the cookies the standard CF session tokens (CFID/CFTOKEN or >JSESSIONID)? Or are you doing something else? Are you setting the >cookies for the same host that the user is visiting? > >Dave Watts
Security zone is usually the defaults from what i can tell. CFID/CFTOKEN are the tokens in use. I thought about switching to JSESSIONID, but I've never done it, and have no idea how it would affect the app or all the apps on the server. Advice on that is welcome, of course... it's it a transparent switch? I assume all existing cookie-holding users would be logged out... (that could be a show-stopper right now...) ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Want to reach the ColdFusion community with something they want? Let them know on the House of Fusion mailing lists Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:330355 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4