H
HorseGeek
I can't find a cookie that my code is writing. The behavior of my
webpages indicates that the cookie IS being written SOMEPLACE.
However, I can't find it.
My client does not want the code going into production unless they can
actually see where the cookie is being written. They are concerned
that the cookie may stay around after they leave the screen and grant
authorization to other users to get to web pages that they are now
allowed to access.
I've included code below so you can see what I'm doing.
THANKS!
R
The cookie is first written by a login script.
Response.Cookies('sSecurity') = sSecurity;
// Set the cookie's path
sCOOKIEPATH = fSetCookiePath(); //See code at end
//Sets the cookie's expiration time to one hour in the future
sDate = fSetCookieTime('HOURS',1);
Each time the user navigates to a new screen, their authorization is
checked.
if (sSecurity == ''){
Response.Redirect('/client/login.asp)
}
else{
sDate = fSetCookieTime('HOURS',1);
}
var cookie_path = "";
cookie_path = fSetCookiePath();
function fSetCookiePath() {
var path_variable = Request.ServerVariables.Item('HTTP_REFERER');
var get_loc = 0;
var path_start = 0;
var cookie_path = "";
var path_len = 0;
path_variable = new String( path_variable);
path_start = path_variable.indexOf('//');
cookie_path = path_variable.substr(path_start + 2);
path_start = cookie_path.indexOf('/');
path_len = cookie_path.length - 1;
cookie_path = cookie_path.substr(path_start, path_len);
path_len = cookie_path.length - 1;
cookie_path = cookie_path.substr(0, path_len);
//If there is more than one "/" remove any data following the second
// "/"
get_loc = cookie_path.indexOf("/", 1)
if (get_loc > 0) {
cookie_path = cookie_path.substr(0, get_loc);
}
//If a path is created, then set the path
if (cookie_path > "") {
Response.Cookies('stoken').Path = cookie_path;
}
return cookie_path;
}
webpages indicates that the cookie IS being written SOMEPLACE.
However, I can't find it.
My client does not want the code going into production unless they can
actually see where the cookie is being written. They are concerned
that the cookie may stay around after they leave the screen and grant
authorization to other users to get to web pages that they are now
allowed to access.
I've included code below so you can see what I'm doing.
THANKS!
R
The cookie is first written by a login script.
Response.Cookies('sSecurity') = sSecurity;
// Set the cookie's path
sCOOKIEPATH = fSetCookiePath(); //See code at end
//Sets the cookie's expiration time to one hour in the future
sDate = fSetCookieTime('HOURS',1);
Each time the user navigates to a new screen, their authorization is
checked.
if (sSecurity == ''){
Response.Redirect('/client/login.asp)
}
else{
sDate = fSetCookieTime('HOURS',1);
}
var cookie_path = "";
cookie_path = fSetCookiePath();
function fSetCookiePath() {
var path_variable = Request.ServerVariables.Item('HTTP_REFERER');
var get_loc = 0;
var path_start = 0;
var cookie_path = "";
var path_len = 0;
path_variable = new String( path_variable);
path_start = path_variable.indexOf('//');
cookie_path = path_variable.substr(path_start + 2);
path_start = cookie_path.indexOf('/');
path_len = cookie_path.length - 1;
cookie_path = cookie_path.substr(path_start, path_len);
path_len = cookie_path.length - 1;
cookie_path = cookie_path.substr(0, path_len);
//If there is more than one "/" remove any data following the second
// "/"
get_loc = cookie_path.indexOf("/", 1)
if (get_loc > 0) {
cookie_path = cookie_path.substr(0, get_loc);
}
//If a path is created, then set the path
if (cookie_path > "") {
Response.Cookies('stoken').Path = cookie_path;
}
return cookie_path;
}