Hi
We have one CF web server running CF11 and noticed that the CFTOKEN and CFID
cookies on that server have a long (51 char) string of random looking
characters before the actual CFID or CFOTKEN numeric value.
Ex: CFTOKEN = Z3epk1hxi861r0je68dw9xjrpf2oqa1vm0ygobljizhhw2d5gjh-22151980
Within CF, the COOKIE.CFTOKEN value looks normal... "22151980" from my example
above. So, it looks like CF is adding the prefix when it sets the cookie and
strips it off when parsing cookies for apps to use. We see the same prefix
each time. (No other cookies have this prefix; we tried setting a CFTOKEN
cookie value manually in code and the new value ends up with the prefix.)
The problem if that we use domain cookies (for cross-server session management
and user tracking) so these funky values are being presented to other web
servers that are not running CF11 (all the rest of CF10), and they are getting
confused by it.
I didn't see anything like this mentioned in CF11 docs. I really need to
disable it in the short term to keep things running smoothly until we have CF11
everywhere.
Is this new behavior? Is it documented anywhere? Can I turn it off?
(We are aware of the GUID session management cookie; for the time being we need
to continue to use CFTOKEN & CFID.)
Help!
Thanks
Mark
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~|
Order the Adobe Coldfusion Anthology now!
http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion
Archive:
http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:360386
Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
