Speaking of not accepting cookies, that may become common place. Check this out from eWeek...
COOKIE FLAW LEAVES IE USERS VULNERABLE TO ATTACKS A newly discovered flaw in the way that Internet Explorer handles Web site cookies could enable an attacker to view and edit a user's personal data contained in the cookies. The vulnerability affects all versions of IE, but is mitigated by several factors, according to a bulletin released last week by Microsoft Corp. Under normal operation, Web sites are only able to access the cookies for their site on a given user's machine. By crafting a URL with specific contents, an attacker could gain access to cookies for other sites and edit the contents of the files by injecting a script. To read the story, click here: http://eletters1.ziffdavis.com/cgi-bin10/flo?y=eMVO0Cn5RF0E4J0bQh0An Jim -----Original Message----- From: Martin van den Bemt [mailto:[EMAIL PROTECTED]] Sent: Tuesday, November 13, 2001 9:55 AM To: Tomcat Users List Subject: RE: REPOST: NEED HELP URGENT:: internet explorer nullifies session on open new window It seems that ie 6 isn't accepting cookies by default (collegue of mine is also using ie 6 and had the same problem, even in 1 window). He set a certain option and everything was working again. Can you confirm that that is the default, else everyone must start using url rewriting to keep ie6 users happy Mvgr, Martin > -----Original Message----- > From: Jim Urban [mailto:[EMAIL PROTECTED]] > Sent: Tuesday, November 13, 2001 4:21 PM > To: Tomcat Users List > Subject: RE: REPOST: NEED HELP URGENT:: internet explorer nullifies > session on open new window > > > Our application does the same thing (openning child browser windows and > closing them) and we have no problems with IE 5.5. We have not tried I.E. > 6.0 yet, so I can't comment on that. We are running Tomcat 4.0 on Win NT > and 2K. > > Jim > > -----Original Message----- > From: Amit Kelkar [mailto:[EMAIL PROTECTED]] > Sent: Tuesday, November 13, 2001 9:01 AM > To: Tomcat Users List > Subject: REPOST: NEED HELP URGENT:: internet explorer nullifies session > on open new window > > > > > -----Original Message----- > From: Amit Kelkar [mailto:[EMAIL PROTECTED]] > Sent: Tuesday, 13 November 2001 6:41 PM > To: Tomcat Users List > Subject: internet explorer nullifies session on open new window > > The application we are coding requires a new window to be opened. This new > window may just contain a JavaScript calendar or a JSP page > (dispatched by a > servlet). > > We have been using Internet Explorer 5 till recently to run the > application > and this has been fine. But we recently upgraded to I.E. 5.5 and 6.0. In > both of the new versions, when a new window is opened and then closed, the > session in the original window gets nullified. > > For example, there are places where I need to see a calendar, so > I open this > calendar in a new window, I use the calendar, then I close the calendar > window. I then press a button (in the main window) to go to > another page in > my application, where all the session values are now displayed as null. > Subsequent system error statements show that the session is indeed null. > > I am not sure this is a tomcat problem or a IE problem (probably a IE > problem), but was wondering if anybody has experienced anything > similar and > if they have solved the problem... > > Note: I am using tomcat 4.01 > > Thanks much in advance, > > > Amit Kelkar > > > -- > To unsubscribe: <mailto:[EMAIL PROTECTED]> > For additional commands: <mailto:[EMAIL PROTECTED]> > Troubles with the list: <mailto:[EMAIL PROTECTED]> > > > > -- > To unsubscribe: <mailto:[EMAIL PROTECTED]> > For additional commands: <mailto:[EMAIL PROTECTED]> > Troubles with the list: <mailto:[EMAIL PROTECTED]> > > -- To unsubscribe: <mailto:[EMAIL PROTECTED]> For additional commands: <mailto:[EMAIL PROTECTED]> Troubles with the list: <mailto:[EMAIL PROTECTED]> -- To unsubscribe: <mailto:[EMAIL PROTECTED]> For additional commands: <mailto:[EMAIL PROTECTED]> Troubles with the list: <mailto:[EMAIL PROTECTED]>
