• Post Reply Bookmark Topic Watch Topic
  • New Topic

cookie / url writing problem  RSS feed

vijayakumar vivekanandan
Posts: 21
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
1) Browser cookie support enabled.
Request first sent & server sets the session ID as cookie in the HTTP response header.

2) Browser sends the cookie back while making the next request to the server. Now the server picks up sessionID cookie and thus the client joins the session.

Response sent with session ID as cookie and not URLencoding since you found that cookie was enabled last time.

4) All of a sudden Browser cookie support disabled.
So what will happen now since for next subsequent request cookie disabled and also url is not rewritten with sessionID in the html response we got from the server. So will that session be lost?

Do we have any protection against this scenarion?
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!