How can I detect if session cookies are disabled?

Posted on 2003-02-27
Medium Priority
Last Modified: 2008-02-01
How can I detect from client side JavaScript that session cookies are disabled?

Persistent cookies can be detected with navigator.cookieEnabled, but session cookies not.

And you can disable them easy in IE up to 6 and not so easy on IE 6 and up. Also easy on Netscape.

A server solution is not acceptable (it includes writing a cookie and redirecting to check it).
Question by:ccaprar
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
LVL 12

Expert Comment

ID: 8041495
I'm not sure i agree with you. If navigator.cookieEnabled returns true, that means the browser is accepting cookies(maybe options for third party etc). There may be an option to accept session cookies but not persistent, but I don't recall any user setting which allows persistent but not session cookies.

Author Comment

ID: 8042292

At least as IE 5 is concerned, you can disable separately both types of cookies.
In IE6, you can do this also, but using the Privacy settings.

MSDN states that navigator.cookieEnabled ignores session cookies....

Expert Comment

ID: 8050799
I'm not sure I understood your question, but
why don;t you try, seting a cookie , then issue
a <META> tag with a refresh argument, and on
next page, try to get the cookie, if it is available
it may be an incicator that cookies are enabled...

if not, you can then for example redirect to another
page using again the <META> tag.

Hope it helps.

Enroll in August's Course of the Month

August's CompTIA IT Fundamentals course includes 19 hours of basic computer principle modules and prepares you for the certification exam. It's free for Premium Members, Team Accounts, and Qualified Experts!


Expert Comment

ID: 8066990
I think you may be unclear on the timing difference between server set and client-side JS set cookies.  When you set from the server you use HTTP headers, and can't read them on the same page (need that redirect).  But that's not the case with JS set cookies.  You can set the cookie (and set is as a session cookie) and then try to read from it all on the same page.  If you can't read from it after it's set, then their cookies are disabled.

Now of course... that raises the issue of how do you tell if JS is enabled, which is another story.  Unless you really only care about the combo of JS + cookies, in which case on JS cookie test will tell you everything (have the test change a form field to 'enabled' from 'disabled' if the test succeeds to get the info back to server side).

Don't rely on META Refresh.... the META Refresh can also be disabled in the browser completely separately from JS or cookies so your test could fail even if the condition you were testing for was true.

Author Comment

ID: 8070183
Hi memerot.

Asuming that I have JS enabled, how can I detect in JS if a session cookie and a persistent cookie are allowed? Can you give me a small code example?


Accepted Solution

spo0ky earned 600 total points
ID: 8155132
try to set and then get a simple cookie, for example:

function GetCookie (name)
  var arg = name + "=";
  var alen = arg.length;
  var clen = document.cookie.length;
  var i = 0;
  while (i < clen)
    var j = i + alen;
    if (document.cookie.substring(i, j) == arg)
    return getCookieVal (j);
    i = document.cookie.indexOf(" ", i) + 1;
    if (i == 0) break;
  return null;

function SetCookie (name, value)
  var argv = SetCookie.arguments;
  var argc = SetCookie.arguments.length;
  var expires = (argc > 2) ? argv[2] : null;
  var path = (argc > 3) ? argv[3] : null;
  var domain = (argc > 4) ? argv[4] : null;
  var secure = (argc > 5) ? argv[5] : false;
  document.cookie = name + "=" + escape (value) + ((expires == null) ? "" : ("; expires=" + expires.toGMTString())) + ((path == null) ? "" : ("; path=" + path)) + ((domain == null) ? "" : ("; domain=" + domain)) + ((secure == true) ? "; secure" : "");

var cookies_enabled = "";
var exp = new Date();
exp.setTime(exp.getTime() + (60*1000));
SetCookie ('testcookie', 1, exp);
cookies_enabled = GetCookie('testcookie');


if (enabled==null)
  // cookies off
  //cookies on

I haven't used this code, because I needn't it.
I've just seen something like this somewhere in the internet.

I hope I told you what you needed :)

Author Comment

ID: 8167058
Thanks, I will check that.

Expert Comment

ID: 8169607
no problems

Featured Post

[Webinar] Lessons on Recovering from Petya

Skyport is working hard to help customers recover from recent attacks, like the Petya worm. This work has brought to light some important lessons. New malware attacks like this can take down your entire environment. Learn from others mistakes on how to prevent Petya like worms.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Do you come here a lot? Are you lazy like me and don't want to go through the "trouble" of having to click your Dock's Safari icon and then having to click your Experts Exchange Favorites bookmark to get here? Well then this article is for you.
Today, still in the boom of Apple, PC's and products, nearly 50% of the computer users use Windows as graphical operating systems. If you are among those users who love windows, but are grappling to keep the system's hard drive optimized, then you s…
This Micro Tutorial will demonstrate how nuggets on the Web are formatted by using Chrome Developer Tools. These tools would not only view the site's CSS but it can also modify it and save the CSS to use on your own site.
Shows how to create a shortcut to site-search Experts Exchange using Google in the Chrome browser. This eliminates the need to type out site:experts-exchange.com whenever you want to search the site. Launch the Search Engine Menu: In chrome, via you…
Suggested Courses

765 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question