Skip to main content
S
sdsinc_pmascari
Braniac
April 8, 2015
Question

IE Dropping Cookies

  • April 8, 2015
  • 1 reply
  • 1678 views

So, we've just moved CF11 to our production servers.  Among the many weird issues we've encountered is IE refusing to keep cookies set using CFCOOKIE.

Keep in mind this is only a problem in IE.  Seems to be all versions: 6-11.

For instance, a user loads Page A where this code resides:

<cfcookie name="myCookie"  value="#myVar#" expires="NEVER">

At the end of the page I dump out:

<cfdump var="#isDefined(cookie.myCookie)#">

Result: YES

I then click a link and load a Page B (same domain) and dump out:

<cfdump var="#isDefined(cookie.myCookie)#">

Result: NO

Why is IE dropping this cookie?  All other browsers keep it.

Exception: if I add my site to IE's Trusted Site list then it will keep the cookie.  WTF?

Also, the particular CFCookie code we're using has been in place and working for YEARS.  Since CF7 at least. 

It has also been working on our testing server running CF11 for months.  It only stopped working when moved to our production servers.

The testing server and production servers are nearly identical: Win2008, IIS7, CF11.  The ONE glaring difference is the testing server was installed with an early version of CF11 and is still running Java7.  The production CF11 installed with Java 8.  We have several issues on the production machine we suspect to be a result of using Java 8 as we've never seen them on the Java 7 test server.

Anyone have any idea if the new version of Java would change how CFCookie operates?  Other ideas?

This topic has been closed for replies.

1 reply

C
chrisr82132872
Participating Frequently
April 12, 2018

I'm getting this same error myself in IE11. Same scenario with a CFOOKIE that writes successfully. Do a CFDUMP at the bottom of the same page, I see the cookie.

Then, on the same domain, on a different cfm page do a CFUMP of all cookies and my cookie isn't present.

I'm really frustrated with this. Tried a server-side work-around with CFCOOKIE since IE11 isn't writing .js cookies. And now I can't even read a cookie with IE,

Help anyone?

D
Dave Watts
Inspiring
April 12, 2018

I would strongly recommend using the dev tools available in IE or Chrome to see exactly what response headers are being written, including that of the cookie. Nothing in CFCOOKIE has changed, but how browsers handle cookies has changed quite a bit.

Dave Watts, Fig Leaf Software

Dave Watts, Eidolon LLC
C
chrisr82132872
Participating Frequently
April 13, 2018

Thank you, Dave. It looks like I'm going to abandon a Terms of Use popup check that uses javascript and the cookie to determine access to certain pages. Will have to do it server-side. All because of IE. Ugh.


And... the httponly cookie isn't being recognized either in IE. It's being written as httponly:

Key Value

Set-Cookie ZAXTERMS=yes; Expires=Sun, 05-Apr-2048 15:05:43 GMT; Path=/; HttpOnly

Then I load the 2nd page that dumps the cookie. Only CFID and CFTOKEN are set.

Terms & ConditionsAccessibility statement
Using the community Terms of use Privacy Cookie preferences Do not sell or share my personal information ad choicesAdChoices