Problem with querystrings and cookies

E

Eifion

I've noticed a strange problem with setting cookies in ASP when the
cookie name you're setting exists in the querystring. The company I
work for has many partner sites who link to our site like this:
www.mycompany.com/partner.asp?PartnerID=??? The partner.asp page then
sets a cookie called PartnerID containing the value from the
querystring.

We have noticed, however, that if the partner calls the partner.asp
page and alters the capitalization of 'PartnerID' then another cookie
gets set which takes the capitalization of 'PartnerID' from the
querystring. All of the other asp pages in the site then seem to read
the first cookie set and thus it appears that the 'wrong' partner
settings are being used.

Has anyone experienced this problem before? Unfortunately altering the
cookie or querystring names would be a non-trivial task so this is not
an option at the moment.

Eifion
 
R

Ray at

How are you setting the cookie? Unless you're grabbing the name part from
the name/value pair in the querystring and using that as a cookie, the
cookie name will be whatever you set it as. Are you sure that you aren't
doing something like Request("partnerid") as opposed to
Request.QUERYSTRING("partnerid") or Request.COOKIES("partnerid")?

Ray at work
 
E

Eifion

Ray at said:
How are you setting the cookie? Unless you're grabbing the name part from
the name/value pair in the querystring and using that as a cookie, the
cookie name will be whatever you set it as. Are you sure that you aren't
doing something like Request("partnerid") as opposed to
Request.QUERYSTRING("partnerid") or Request.COOKIES("partnerid")?
Click to expand...

The code below reproduces the problem. If I go to
http://localhost/cookies.asp?Partner=ABC
I see 'Partner=ABC;' in the JavaScript cookie string. If I then go to
http://localhost/cookies.asp?Partner=DEF
then the cookie gets changed as expected. If I then try
http://localhost/cookies.asp?PArtner=GHI
then another Partner cookie gets appended to the querystring like this
Partner=DEF; ASPSESSIONIDSSAATSAT=LFFBLJKABHFOLLGDOCGOCKOI; PArtner=GHI

which gives two cookies with the same name (except for capitalisation).

Eifion

<%
strSource = Request.QueryString("Partner")
Response.Cookies("Partner") = strSource
%>
<Html>
<Head>
<Title></Title>
</Head>
<Body>
<script type="text/javascript">
document.write(document.cookie);
</script>
</Body>
</Html>
 
R

Ray at

Although I never thought about if this would carry through to such code,
javascript is a case sensitive language. What are you doing with that
client side cookie code anyway?

Ray at work
 
E

Eifion

Nothing. The problem is that VBScript seems to get confused when reading
the cookies back on the server and sometimes gets the 'wrong' one when I
do a Request.Cookies("PartnerID"), ignoring the most recently set
partner cookie and choosing an earlier one.

Eifion
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

WinHttpRequest and cookies problem 3
ASP.NET discrete querystrings 1
cookies 101 3
Cookies expire immediately, not when set to expire 2
Problem with Sessions / Cookies 8
cookies 2
Need help with this script 4
Passing Variables or Querystrings? 4

Members online

Total: 34 (members: 2, guests: 32)
Robots: 446

Forum statistics

Threads
473,768
Messages
2,569,574
Members
45,049
Latest member
Allen00Reed

Latest Threads

Top