Re: httponly and cookie-secure

ion scan and it still says the y are not httponly I think that setting only applies to CFID/CFTOKEN cookies, not the jsessionid cookie. You can try this trick: http://www.petefreitag.com/item/740.cfm or use your web server to append httponly to the cookies for you. -- Pete Freitag - Adobe Communi

httponly and cookie-secure

Not sure what I am missing here. We are running Coldfusion 9.0.2 in a clustered environment. I added the -Dcoldfusion.sessioncookie.httponly=true to the jvm.config file. I restart the coldfusion instances. Run an application scan and it still says the y are not httponly (also check using Chrome

Re: Setting Cookie Secure, Domain, Path

Thanks for the info Pete, I will investigate further! Richard >Hi Richard, > >Normally you can switch between J2EE and CFID/CFTOKEN cookies without >problem unless something in your application code is relying on one or the >other. It may be easy to change that or it may be quite involved, it >de

Re: Setting Cookie Secure, Domain, Path

Hi Richard, Normally you can switch between J2EE and CFID/CFTOKEN cookies without problem unless something in your application code is relying on one or the other. It may be easy to change that or it may be quite involved, it depends quite a bit on how your application is coded. If you want to u

Re: Setting Cookie Secure, Domain, Path

Hi Pete, yes although if i disable this my login stops working and appears the session variables that i use throughout the application cease to function. Thanks, Richard >Hi Richard, do you have Use J2EE session variables checked in the CF >administrator? > >-- >Pete Freitag - Adobe Community

Re: Setting Cookie Secure, Domain, Path

Hi Richard, do you have Use J2EE session variables checked in the CF administrator? -- Pete Freitag - Adobe Community Professional http://foundeo.com/ - ColdFusion Consulting & Products http://hackmycf.com - Is your ColdFusion Server Secure? http://www.youtube.com/watch?v=ubESB87vl5U - FuseGuard

Re: Setting Cookie Secure, Domain, Path

Thanks Pete, this does seem to work by adding it to the application.cfc. However, when i first open the browser and go to the site it shows an error that the session.cfide does not exist. The culprit is in the onSessionStart method as shown below. If I reload the window then its all fine as I s

Re: Setting Cookie Secure, Domain, Path

Hi Richard, You can use the technique here: http://www.petefreitag.com/item/764.cfm it doesn't set path, domain, or secure but you can just add that to the cfcookie tag in the CF9 example. -- Pete Freitag - Adobe Community Professional http://foundeo.com/ - ColdFusion Consulting & Products http:

Setting Cookie Secure Domain and Path

Hi, How would I set the the CFID and CFTOKEN secure, domain and path attributes for a specific application in the cfapplication.cfc file? I have done some searches but cannot seem to find how to do it. Many thanks Richard ~|

Setting Cookie Secure, Domain, Path

Hi, Is there a way to set the secure, domain and path values for session CFID and CFTOKEN cookies in the application.cfc page of CF9? I have done some searches but cannot seem to find an answer. Many thanks, Richard ~| Order

Re: HttpOnly session cookie setting ignored in CF10

> Are you getting both when you visit a single application? That doesn't > sound right. You should get one or the other. > I'm getting both. As far as I can remember, that's always been true. I just confirmed that all three - CFID, CFTOKEN and JSESSIONID - are returned from my live CF9 sites, to

Re: HttpOnly session cookie setting ignored in CF10

> What has changed - and I should have mentioned this before - is that the > CFID and CFTOKEN cookies are no longer http-only. However, the jsessionid > is still http-only. Are you getting both when you visit a single application? That doesn't sound right. You should get one or the other. Dave W

Re: HttpOnly session cookie setting ignored in CF10

Not a dumb question at all. As dumb a mistake as that is, I've done it many times. However, in this case, I've cleared the cookies and checked multiple browsers. What has changed - and I should have mentioned this before - is that the CFID and CFTOKEN cookies are no longer http-only. However, th

Re: HttpOnly session cookie setting ignored in CF10

> I've tried your suggestions, and (assuming I'm changing the correct files), > the cookies are still httpOnly. This may be a dumb question, but have you cleared your browser's cookies before retesting? Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ http://training.figleaf.com/ Fig

Re: HttpOnly session cookie setting ignored in CF10

ng the CF service just from fun, when I > > access the dev site and examine the cookie content (in multiple > browsers), > > the cookies (jsession, CFID and CFTOKEN) are all set as httpOnly=true. > > > > Does anyone have any thoughts on this? > > Assuming you're ru

Re: HttpOnly session cookie setting ignored in CF10

re and HttpOnly options in the CF Admin. And my > Application.cfc contains this.sessioncookie.httponly=false. > > Yet despite this, and restarting the CF service just from fun, when I > access the dev site and examine the cookie content (in multiple browsers), > the cookies (jses

RE: HttpOnly session cookie setting ignored in CF10

Tom, Ah.. got it. Because there's it's not accepting it as a URL var it craps out. -Mark -Original Message- From: Tom McNeer [mailto:tmcn...@gmail.com] Sent: Thursday, October 03, 2013 11:24 AM To: cf-talk Subject: Re: HttpOnly session cookie setting ignored in CF10 Mar

Re: HttpOnly session cookie setting ignored in CF10

ookies are set as HttpOnly, and thus the variable in the request from the SWF is not recognized. At least, that's my current theory. On Thu, Oct 3, 2013 at 11:46 AM, Mark A Kruger wrote: > > Tom, > > Can you pass the cookie into your SWF from the calling page using flash > va

RE: HttpOnly session cookie setting ignored in CF10

Tom, Can you pass the cookie into your SWF from the calling page using flash vars and JS? -mark -Original Message- From: Tom McNeer [mailto:tmcn...@gmail.com] Sent: Thursday, October 03, 2013 10:05 AM To: cf-talk Subject: HttpOnly session cookie setting ignored in CF10 Hi, I have a

HttpOnly session cookie setting ignored in CF10

e and HttpOnly options in the CF Admin. And my Application.cfc contains this.sessioncookie.httponly=false. Yet despite this, and restarting the CF service just from fun, when I access the dev site and examine the cookie content (in multiple browsers), the cookies (jsession, CFID and CFTOKEN) are all s

Copy of Recent Revision of jQuery Cookie Plugin?

Interesting. I need a copy of jQuery's cookie plugin, but they've taken the plugins portion of the site down (http://plugins.jquery.com/project/Cookie). Does anyone by chance have a recent copy that you can send me off-lis

Re: Weird issue with CFHTTP and redirect with cookie

On Tue, Aug 9, 2011 at 2:42 PM, kbutte...@yahoo.com kbutte...@yahoo.com < kbutte...@yahoo.com> wrote: > > Hi all, > > I am working on a screen-scraper app, and I have a site that has an > disclaimer front page. You have to click on the "I understand" button and > then you are redirected to the i

Re: Weird issue with CFHTTP and redirect with cookie

n ID is almost certainly a cookie. You should be able to get it without disabling the redirect, but you can always disable the redirect, read the cookie, then request the target of the redirect in a second CFHTTP call. Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ http://trainin

Re: Weird issue with CFHTTP and redirect with cookie

To clarify the below post, when I try to get the cookie by setting redirect="false" in my cfhttp call, I get an error and the message from cfcatch is " 302 Moved Temporarily " So that's why I can't get the cookie. > Hi all, > > I am working on a scr

Weird issue with CFHTTP and redirect with cookie

Hi all, I am working on a screen-scraper app, and I have a site that has an disclaimer front page. You have to click on the "I understand" button and then you are redirected to the inspections page that I need to get to. I can get to the disclaimer page, but I cannot get cfhttp to get past th

CF8 cfcookie vs cfheader set-cookie

I was updating our application to support httponly cookies and came across what seems like a ColdFusion quirk. I had to update a bunch of pages where we used to set cookies using cfcookie tag, so I went ahead and created a custom tag that all templates can use to set a cookie. Since CF8&#

Re: Closing Browser expires session/cookie

Okay, so I think you hit it Dave. I just need to shorten the session to 15 or 20 minutes. The system already requires a login when the user closes the browser so why not just shorten the timeout? I've already have the user sessions stored in a cookie so I was close, but didn't think

Re: Closing Browser expires session/cookie

:D On Sat, Nov 6, 2010 at 1:24 PM, denstar wrote: > > Naw, if I meant it like that I'd be all like, "[lmgtfy] FOAD!" vs. > "[lmgtfy] HAND!". :) > > I'm down with Bentley, yo! > > So there! =) > > :Den > > -- > Freedom is a system based on courage. > Charles Peguy > > > On Sat, Nov 6, 2010 at

Re: Closing Browser expires session/cookie

he browser is closed. If you've enabled J2EE sessions, they use a session cookie by default. You can also use client-side functionality (JavaScript, etc) to send a signal to the server when certain things happen, but again this isn't all that reliable. Dave Watts, CTO, Fig Leaf Sof

Re: Closing Browser expires session/cookie

Naw, if I meant it like that I'd be all like, "[lmgtfy] FOAD!" vs. "[lmgtfy] HAND!". :) I'm down with Bentley, yo! So there! =) :Den -- Freedom is a system based on courage. Charles Peguy On Sat, Nov 6, 2010 at 6:32 AM, Michael Grant wrote: > > OT: > lmgtfy.com = "what did the five finger

Re: Closing Browser expires session/cookie

OT: lmgtfy.com = "what did the five fingers say to the face?" On Sat, Nov 6, 2010 at 12:42 AM, denstar wrote: > > On Fri, Nov 5, 2010 at 5:26 PM, Tony Bentley wrote: > > > > So I have an app that uses cflogin, which works great if the user logs in > and out from the same browser. Now here is w

Re: Closing Browser expires session/cookie

On Fri, Nov 5, 2010 at 5:26 PM, Tony Bentley wrote: > > So I have an app that uses cflogin, which works great if the user logs in and > out from the same browser. Now here is where I am stumped: > > -User logs in, then closes the browser > -System does not allow the same user to be logged in more

Re: Closing Browser expires session/cookie

ed("cookie.cfid") and session.loggedin eq false){ > > //this is in case the user closes the browser and then opens it again > checkCookieAgainstLogAndDelogUser(cookie.cfid) > } > } > > So yeah, the user closes the browser but that doesn't fire the logout > method

RE: Closing Browser expires session/cookie

Pass, you would have to test that, it was just a suggestion :-) -Original Message- From: Sean Corfield [mailto:seancorfi...@gmail.com] Sent: 06 November 2010 01:26 To: cf-talk Subject: Re: Closing Browser expires session/cookie Um, won't that run every time you move to a new pa

Re: Closing Browser expires session/cookie

Um, won't that run every time you move to a new page in the same app? On Fri, Nov 5, 2010 at 5:49 PM, Russ Michaels wrote: > > Well you can use javascript to detect when the browser is closed and then > call another cfm page or make an ajax call to end the session. > > e.g. > > ~~~

RE: Closing Browser expires session/cookie

ssion/cookie Yeah but their session expires a couple of hours after they close the browser. So I could expire the session at a shorter timespan but if I can do it when the browser closes, that would be better. On Fri, Nov 5, 2010 at 4:50 PM, Russ Michaels wrote: > > Arn't they logged o

Re: Closing Browser expires session/cookie

Yeah but their session expires a couple of hours after they close the browser. So I could expire the session at a shorter timespan but if I can do it when the browser closes, that would be better. On Fri, Nov 5, 2010 at 4:50 PM, Russ Michaels wrote: > > Arn't they logged out automatically wh

RE: Closing Browser expires session/cookie

Arn't they logged out automatically when the session expires ? -Original Message- From: Tony Bentley [mailto:cascadefreehee...@gmail.com] Sent: 05 November 2010 23:27 To: cf-talk Subject: Closing Browser expires session/cookie So I have an app that uses cflogin, which works gre

Re: Closing Browser expires session/cookie

es the browser but that doesn't fire the logout method > or clear the cookie or session. When the user tries to login with another > browser without actually hitting logout, they cant log in. The only way is to > use the same browser that they originally closed. And it is not

Closing Browser expires session/cookie

("cookie.cfid") and session.loggedin eq false){ //this is in case the user closes the browser and then opens it again checkCookieAgainstLogAndDelogUser(cookie.cfid) } } So yeah, the user closes the browser but that doesn't fire the logout method or clear the cookie or session. When th

Re: Pulling Cookie Ids for www.mydomain.com and mydomain.com

olves to http://www.mydomain.com/. The nested content could then write information to the page that contains it using JavaScript, perhaps putting the cookie value in a hidden form field. Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ http://training.figleaf.com/ Fig Leaf Software is

Pulling Cookie Ids for www.mydomain.com and mydomain.com

We're having issues with separate shopping cart cfcookies being set for http://www.mydomain.com and http://mydomain.com. 1. What's the best way to force each page to always use http://www.mydomain.com if they come to the page using http://mydomain.com. 2. For legacy shopping carts, how can I

RE: kill cookie on browser close

Ah.. interesting. I use Rhapsody that I believe uses IE. I will close all applications and try again. Thanks, chad > -Original Message- > From: Dan G. Switzer, II [mailto:dswit...@pengoworks.com] > Sent: Thursday, November 12, 2009 12:36 PM > To: cf-talk > Subject: Re:

RE: kill cookie on browser close

Must be something on my end. The production server this code does not work in IE and the dev server it does work in IE. Strange. > -Original Message- > From: Chad Gray [mailto:cg...@careyweb.com] > Sent: Thursday, November 12, 2009 11:40 AM > To: cf-talk > Subject:

Re: kill cookie on browser close

orks just fine. > > I don't think it is just my browser... I have tried another computer with > IE8 and it does not kill the session cookie. > > > > > > > > > > > > ~

kill cookie on browser close

Anyone notice that in IE this codes does not appear to work anymore? Firefox it works just fine. I don't think it is just my browser... I have tried another computer with IE8 and it does not kill the session c

Re: Cookie and Browser

>Just to make your head spin-- there is one annoying little caveat to >this. Cookies sent to a Flash request in IE will be sent by Flash in FF >because the Flash VM shares the same memory space for cookies between >browsers. This doesn't bode very well if you need to have a Flash >object make a

RE: Cookie and Browser

ake a request to a page secured by a login using cookies for authentication in any browser other than IE. http://swfupload.org/forum/generaldiscussion/383 ~Brad Original Message Subject: Re: Cookie and Browser From: Don L Date: Thu, September 03, 2009 8:56 am To: cf-talk

RE: Cookie and Browser

IE and Firefox use different directories to store cookies, so they can't see each others. -Original Message- From: Don L [mailto:do...@yahoo.com] Sent: 03 September 2009 14:07 To: cf-talk Subject: Cookie and Browser I'm wondering for coldfusion8 if a cf cookie set for IE

Re: Cookie and Browser

> You cannot read a cookie set in FireFox with Internet Explorer and > vice versa. Cookies are browser specific. > > On Thu, Sep 3, 2009 at 9:07 AM, Don L wrote: > > ... > > ok, thank you. ~| Want

Re: Cookie and Browser

You cannot read a cookie set in FireFox with Internet Explorer and vice versa. Cookies are browser specific. On Thu, Sep 3, 2009 at 9:07 AM, Don L wrote: > > I'm wondering for coldfusion8 if a cf cookie set for IE7 would be available > for Firefox 3.5 or vice verse.  It appears

Cookie and Browser

I'm wondering for coldfusion8 if a cf cookie set for IE7 would be available for Firefox 3.5 or vice verse. It appears cf cookie set is not browser specific, however, when I extended a cf cookie for firefox 3.5, IE7 did not recognize it. Am I missing something

Re: Cookie won't set

I stand corrected, sir. 6.1 did address the problem. G! On Fri, Jun 19, 2009 at 8:01 PM, Dave Watts wrote: > > > Not to split hairs, but it is applicable for for the version of CF Brian > is > > running. ;o) > > CF 6.1 doesn't have this problem. It was fixed in CF 6. > > Dave Watts, CTO, Fig L

Re: Cookie won't set

> Not to split hairs, but it is applicable for for the version of CF Brian is > running.  ;o) CF 6.1 doesn't have this problem. It was fixed in CF 6. Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ Fig Leaf Software provides the highest caliber vendor-authorized instruction at our tr

Re: Cookie won't set

Not to split hairs, but it is applicable for for the version of CF Brian is running. ;o) G! On Fri, Jun 19, 2009 at 2:50 PM, Dave Watts wrote: > > > I didn't see it in your code but if you have a cflocation on the same > script > > as cfcookie, the cookie will not set

Re: Cookie won't set

> I didn't see it in your code but if you have a cflocation on the same script > as cfcookie, the cookie will not set (or at least it used to behave this > way). This is no longer true, and hasn't been for some time. Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/

Re: Cookie won't set

I am able to get it to work when not in cflogin but that kind of defeats the purpose since I want to have a 'Remember me' function on the form when they log in. ~| Want to reach the ColdFusion community with something they wa

RE: Cookie won't set

Sorry, this actually works for me every time. I'm thinking maybe you not reading the cookie correctly. Using just the lines: I get a cookie every time. You are looking at the right thing, yes? You get one file for each domain cookie and all the 'cookies' a

Re: Cookie won't set

Strangely, when I put the cfcookie tag outside the cflogin tags it sets it no problem so there isn't an issue with the application file not being able to set it. Is setting a cfcookie inside cflogin tags allowed by cf? ~| Wan

Re: Cookie won't set

When I do that, it just sets a cookie with cfid and cftoken but not the rememberMe cookie. I stopped and started coldfusion and web services and completely logged out before trying. ~| Want to reach the ColdFusion community

RE: Cookie won't set

A: Firefox and Live HTTP Headers Plugin. Q: How can I see the cookies and when they are set? Thanks, Mike -Original Message- From: Gerald Guido [mailto:gerald.gu...@gmail.com] Sent: Friday, June 19, 2009 1:02 PM To: cf-talk Subject: Re: Cookie won't set IIRC the cookie data wil

Re: Cookie won't set

IIRC the cookie data will not become available until the next page request. Is that the issue? G! On Fri, Jun 19, 2009 at 1:51 PM, Brian Bradley wrote: > > that did set the a cookie but it didn't have much info in it: > > CFID3828429www.mysite/1536130993382432144063

Re: Cookie won't set

that did set the a cookie but it didn't have much info in it: CFID3828429www.mysite/153613099338243214406379731241530011654*CFTOKEN9991598www.mysite.cm/155125629308509198586* Not the rememberMe with Test as a value. Does that make sense t

Re: Cookie won't set

On Fri, Jun 19, 2009 at 1:35 PM, Brian Bradley wrote: > > loginStorage="Session"> As mentioned previously when you have loginStorage="session" it won't set a cookie, it stores the authentication token in a session variable instead. The na

Re: Cookie won't set

set the cookie before tag. Azadi Saryev Sabai-dee.com http://www.sabai-dee.com/ On 20/06/2009 00:35, Brian Bradley wrote: > I don't define CFLOCATIOn but if I go to a page for the first time, lets say > www.mysite.com/securedpage.cfm - it brings up the login page. After I lo

Re: Cookie won't set

I don't define CFLOCATIOn but if I go to a page for the first time, lets say www.mysite.com/securedpage.cfm - it brings up the login page. After I log in, it takes me to the securedpage.cfm without having to put a cflocation. Here is my code again

RE: Cookie won't set

lug in to our blog: A&W Unplugged http://www.austin-williams.com/unplugged -Original Message- From: Brian Bradley [mailto:bbrad...@plrb.org] Sent: Friday, June 19, 2009 1:04 PM To: cf-talk Subject: Re: Cookie won't set Cookies are enabled. I use them all over with our curren

Re: Cookie won't set

Cookies are enabled. I use them all over with our current site. I am stumpted. ~| Want to reach the ColdFusion community with something they want? Let them know on the House of Fusion mailing lists Archive: http://www.house

Re: Cookie won't set

I didn't see it in your code but if you have a cflocation on the same script as cfcookie, the cookie will not set (or at least it used to behave this way). What I used to do is set a session variable and set the cookie later on if need be. HTH G! On Fri, Jun 19, 2009 at 11:09 AM, Brian Br

RE: Cookie won't set

Just for kicks, check your browser to be sure cookies are enabled. If that's the case, try just creating a simple CF page that just drop a cookie and see if it works. If that works then you'll need to look more closely at your conditioning. If it doesn't work you may have a probl

Re: Cookie won't set

MX 6.1 >Brian, > >What version of CF? > >-Mark > > > >Mark A. Kruger, CFG, MCSE >(402) 408-3733 ext 105 >www.cfwebtools.com >www.coldfusionmuse.com >www.necfug.com > >Tried putting setclientcookies="yes" and loginStorage="cook

RE: Cookie won't set

Brian, What version of CF? -Mark Mark A. Kruger, CFG, MCSE (402) 408-3733 ext 105 www.cfwebtools.com www.coldfusionmuse.com www.necfug.com -Original Message- From: Brian Bradley [mailto:bbrad...@plrb.org] Sent: Friday, June 19, 2009 11:33 AM To: cf-talk Subject: Re: Cookie won&#

Re: Cookie won't set

Tried putting setclientcookies="yes" and loginStorage="cookie" and that didn't work. Also changed the language of to None worked. Still won't set the cookie. Any other ideas? ~| Want to

RE: Cookie won't set

her/or.  It must be &. Plug in to our blog: A&W Unplugged http://www.austin-williams.com/unplugged -Original Message- From: Dave Watts [mailto:dwa...@figleaf.com] Sent: Friday, June 19, 2009 11:50 AM To: cf-talk Subject: Re: Cookie won't set > I am working with CFLOGIN and

RE: Cookie won't set

t must be &. Plug in to our blog: A&W Unplugged http://www.austin-williams.com/unplugged -Original Message- From: Brian Bradley [mailto:bbrad...@plrb.org] Sent: Friday, June 19, 2009 11:09 AM To: cf-talk Subject: Cookie won't set I am working with CFLOGIN and it is working th

Re: Cookie won't set

> I am working with CFLOGIN and it is working the way I want it to but isn't > setting the > cookie.  Can anyone see why? > > loginStorage="Session"> If you use loginStorage="SESSION", I believe it'll just use your session token and won

Cookie won't set

I am working with CFLOGIN and it is working the way I want it to but isn't setting the cookie. Can anyone see why? You must enter text in both the User Name and Password f

Re: httpOnly cookie for cftoken/cfid

> Has anyone successfully managed to wrap up their cookies with a httpOnly > attribute? > Doing this should prevent javascript accessing the document.cookie variable > which helps > prevent XSS attacks, however for the life of me I cannot get it to work, and > am still able to > see the site coo

httpOnly cookie for cftoken/cfid

Has anyone successfully managed to wrap up their cookies with a httpOnly attribute? Doing this should prevent javascript accessing the document.cookie variable which helps prevent XSS attacks, however for the life of me I cannot get it to work, and am still able to see the site cookies via aler

Re: Cookie or no cookie?

Don L wrote: > Maybe, there's a better javascript function to detect if the IE6/7 in question is cookie-enabled or not. Perhaps ask the user if they want the cookie (for auto login or some such I presume)? ~| Adobe® Co

Cookie or no cookie?

I need to flush out the cookie thing with IE6/7. I find cookie enabling/disabling confusing with IE6 and IE7. On one hand, the Block All Cookies option seems to have maximum security for user protection but then when I immediately click on the Advance tab, it indicates First Party Cookies

Re: Smart redirect (with cookie goodness)

Wicked cool... thanks :-) Darren >> I can't use cflocation because it has cookie issues, so I'm >> using meta-refresh. > >This has not been true for a long, long time. > >Dave Watts, CTO, Fig Leaf Software >http://www.figleaf.com/ > >Fig Leaf S

Re: Smart redirect (with cookie goodness)

; Problem is that a user might be entering the site using one of these > redirect pages, but since it's their first hit I need to write session > cookies. > > I can't use cflocation because it has cookie issues, so I'm using > meta-refresh. But, I don't like

RE: Smart redirect (with cookie goodness)

> I can't use cflocation because it has cookie issues, so I'm > using meta-refresh. This has not been true for a long, long time. Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ Fig Leaf Software provides the highest caliber vendor-authorized instruction at our tra

Smart redirect (with cookie goodness)

#x27;t use cflocation because it has cookie issues, so I'm using meta-refresh. But, I don't like making that round trip to the client and relying on meta-refresh if I don't have to. What I'd like to do is something like this... http://www.mysite.com/targetPage.cfm";>

COOKIE : Test for expires = "never"

I define a cookie conditionally like this: if (isDefined("persistentCookie")) { setCookie(cName="session_key", cValue=authResults.session_key, cPersist="true"); } else { setCookie(cName="session_key", cValue=authResults.session_key); } The function sets

RE: CF Cookie questions

> Because I normally use session variables for security, I > rarely use the cf cookie tag. > > If I need multiple variables (loggedin, fname, lname, > recornum.etc) do I need to set multiple cookies or is there a > way to set all this in one cookie? A cookie is a string. Yo

RE: CF Cookie questions

You could set it as a delimited list. "TRUE|Michael|Dawson|69" Just be aware of a cookie's max length. m!ke -Original Message- From: Scott Stewart [mailto:[EMAIL PROTECTED] Sent: Friday, May 09, 2008 9:53 AM To: CF-Talk Subject: CF Cookie questions Hey all, Bec

CF Cookie questions

Hey all, Because I normally use session variables for security, I rarely use the cf cookie tag. If I need multiple variables (loggedin, fname, lname, recornum.etc) do I need to set multiple cookies or is there a way to set all this in one cookie? Thanks as always sas -- Scott

RE: Cookie Question - Is this implementation even a good performa nce/technical Idea?

> Thanks for the reply. My hesitation with using cf client > variables is that I'd need to enable clientmanagement, which > I currently don't have enabled. > > Wouldn't that add a lot of extra overhead for this one > feature I'd like to add? If you're using session management, there's no need

Re: Cookie Question - Is this implementation even a good performance/technical Idea?

then append a CFID to the URL of every links on my page? Thus breaking my SEO? Are there any other options to implement a efficient feature such as this. Thanks for your time --- Ci James <[EMAIL PROTECTED]> wrote: > I am not sure that I would place the actual cookie > creation into t

Re: Cookie Question - Is this implementation even a good performance/technical Idea?

I am not sure that I would place the actual cookie creation into the Application.cfm pages, though this may be a good place to check for the existence of a cookie it is a bad place to do your application logic especially if it is not needed to run for most of your site. Thus you may want to

Cookie Question - Is this implementation even a good performance/technical Idea?

I'd like to implement the following feature: the first time a user visits my site, if cookie "visitedSite" does not exist, the site display a div welcoming the user etc... End goal, on a person first visit, they are given a nice welcome & intro message. on subsequent v

Re: Multiple Users Per Cookie.

te a separate column which contains a UUID or something along > those lines? Somehow feels safer that way. > > Thanks again mate, > > Rob > > -Original Message- > From: Andrew Scott [mailto:[EMAIL PROTECTED] > Sent: 01 September 2007 13:43 > To: CF-Talk > Subject

RE: Multiple Users Per Cookie.

y. Thanks again mate, Rob -Original Message- From: Andrew Scott [mailto:[EMAIL PROTECTED] Sent: 01 September 2007 13:43 To: CF-Talk Subject: Re: Multiple Users Per Cookie. No such thing as multiple cookies for a domain ro website. But yes a list could work, but it is limited. your bes

Re: Multiple Users Per Cookie.

ure on the login for my > application, which saves just the username, not the password of the user, > so when they next come to the site the form is already populated with > their username. > > Now the slight difference with this is that I want to be able to save > multiple users

Multiple Users Per Cookie.

application, which saves just the username, not the password of the user, so when they next come to the site the form is already populated with their username. Now the slight difference with this is that I want to be able to save multiple users into the cookie, so if several user access the site from

Re: Clearing the Cookie that gets set when using Client variables.

It should have been (removed the Not): or if you want to clear the whole session struct for that user: -Aaron ~| Get the answers you are looking for on the ColdFusion Labs Forum direct from active programmers an

Re: Clearing the Cookie that gets set when using Client variables.

It should have been (removed the Not): or if you want to clear the whole session struct for that user: -Aaron ~| Create robust enterprise, web RIAs. Upgrade to ColdFusion 8 and integrate with Adobe Flex http://w

RE: Clearing the Cookie that gets set when using Client variables.

Che, You should also run this code to clear out the session for that user: -Aaron -Original Message- From: Aaron Wolfe [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 25, 2007 3:09 PM To: CF-Talk Subject: RE: Clearing the Cookie that gets set when

  1   2   3   4   5   6   7   >