• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

handling cookies

 
venkatesh pendharkar
Ranch Hand
Posts: 106
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi all,
I am writing 1 jsp page in which there is a login button. When clicked on that it calls javascript method window.open("http://test:7010/login_validate.jsp") & opens login_validate.jsp page which is in a differnet context & different app server.
Now while before opening this link i want attach some cookie so that on login_validate.jsp I can validate the cookie & check if the user is valid or not. FOr attaching cookie I am using this function
setCookie("CSRWebsiteLoginCookie", '<%=sEncryptedUserId%>', expires, path);
& the funtions is


here when i run the code i see that cookie is created on the machine(cookies folder) from which login button was clicked, but on the machine where login_validate.jsp is saved , cookie is not received. That means although cookies is getting created it is not getting sent with link.
Can anyone tell me why this is happening & how to solve it??

[BSouther: Added UBB CODE tags]
[ September 21, 2007: Message edited by: Ben Souther ]
 
Ben Souther
Sheriff
Posts: 13411
Firefox Browser Redhat VI Editor
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Browsers are very strict about not allowing cookies to be read or written across domains.
 
venkatesh pendharkar
Ranch Hand
Posts: 106
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi Ben Thanks for the reply,
I understood that it is not possible for me to send cookie from one domain to another domain.
So is there any way by which i can send some hidden values through window.open() function. Because i can not use cookies & i cant even attach the value that i want to send to the link using '?'. eg http://test:7010/login_validate.jsp?uid<>134994903 although im encrypting this value, if someone els copies this then he will be able to login to our system.
So i want to send the userId as hidden or secured field. can anyone suggest anything....
 
Eric Pascarello
author
Rancher
Posts: 15385
6
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Most people that use links to be able to login use a hash that has the information needed and the expiration time so the link onl woks for XXX minutes.

Eric
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic