HTA and Session Variables


Hi there!

I have 5 client machines running an ASP System inside an hta. (controlled environment)
All 5 client machines has Windows 2000 pro installed and IE 6 as the Web browser.

Whenever the clients logs onto the ASP System, their "user_id" gets stored into a session variable.


Session("User_ID") = rst("User_ID")

4 of the 5 machines actualy recocnizes the Session variable.
The other machine does not even pick it up! (i check for it inside a popup window)

I opened IE6, set the Security settings for Internet, Intranet and Trusted Sites to the lowest possible settings- enabling all, anonymous loggon, accept all cookies, refresh at every visit etc.

Again- 4 out of 5 machines this is working perfectly, it is just one machine (with the exact same IE security settings) that does not recocnize the Session variable.

I tested the ASP System inside the IE 6 browser (without using hta) and then the Session variable is recocnized, it is only as soon as the hta is running that it loses the Session variable.

Any specific securities I need to change for the hta, if so how do I go about doing that?

(o: aaargh! I am pulling out hair! :o)

Thanx in advance for anybody with a sollution! :o)

Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Asta CuTechnical consultant & graphic designCommented:
I believe this helps you.
PRB: Session Variables Do Not Persist Between Requests After You Install Internet Explorer Security Patch MS01-055
After you install security patch MS01-055 for Microsoft Internet Explorer 5.5 or 6.0, you may encounter the following problems:
Session variables are lost.
Session state is not maintained between requests.
Cookies are not set on the client system.
Note These problems can also occur after you install a more recent patch that includes the fix that is provided in security patch MS01-055.
Security patch MS01-055 prevents servers with improper name syntax from setting cookies names. Domains that use cookies must use only alphanumeric characters ("-" or ".") in the domain name and the server name. Internet Explorer blocks cookies from a server if the server name contains other characters, such as an underscore character ("_").

Because ASP session state and session variables rely on cookies to function, ASP cannot maintain session state between requests if cookies cannot be set on the client.

This issue can also be caused by an incorrect name syntax in a host header.
To work around this problem, use one of the following methods:
Rename the domain name and the server name, and use only alphanumeric characters.
Browse to the server by using the Internet Protocol (IP) address rather than the domain/server name.
Note You may need to change the Microsoft Internet Information Server (IIS) configuration after you rename a server. For more information, refer to the "References" section.
More here from the Source link:;en-us;316112&Product=ie600

WindowsUpdate also recommended

Internet Explorer 6 will notify you of Web sites that do not satisfy your privacy settings. This article describes how to manage your privacy (or cookie) settings in Internet Explorer 6. For information about the default privacy settings in Internet Explorer 6, please see the following article in the Microsoft Knowledge Base:
293222 The Default Privacy Settings for Internet Explorer 6

You can configure your privacy settings in Internet Explorer 6 by clicking Internet Options on the Tools menu, and then clicking the Privacy tab.

NOTE: An administrator can customize your privacy settings and remove the Privacy tab from the interface in the Internet Options dialog box. If the Privacy tab is not available, contact your administrator or see the Information for Advanced Users and IT Professionals section of this article.

More here, source link:;en-us;283185&Product=ie600

Asta CuTechnical consultant & graphic designCommented:
When you navigate through an XML-databinding program (.hta or .xml documents), you may receive an access violation error message in Internet Explorer.
To resolve this problem, obtain the latest service pack for Internet Explorer 6. For additional information, click the following article number to view the article in the Microsoft Knowledge Base:
328548 How to Obtain the Latest Internet Explorer 6 Service Pack

The English-language version of this fix should have the following file attributes or later:    Date         Time   Version        Size       File name
   10-Jan-2002  14:21  6.0.2713.1000  2,752,512  Mshtml.dll
This hotfix is available for different locales if the locale is supported by Internet Explorer. You must download a separate fix for each locale.

Microsoft has confirmed that this is a problem in the Microsoft products that are listed at the beginning of this article. This problem was first corrected in Internet Explorer 6 Service Pack 1.
Source for more:;en-us;315712&Product=ie600


Any startup items that run Regedit.exe or a .reg, .hta, .vbs, or .js file may be the cause of the issue. Leave any such startup items or suspected third-party software turned off, and then continue troubleshooting with the next step.
More here about that ....;en-us;320159&Product=ie600


.hta also classified as "unsafe", example and source:
Information About the Unsafe File List in Internet Explorer 6;en-us;291369&Product=ie600

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Asta CuTechnical consultant & graphic designCommented:
Are you still there?  We are in the process of cleaning up old questions and before I request Moderator attention want to see if this has been of help to you and if you're still even here.
Asta CuTechnical consultant & graphic designCommented:
No comment has been added lately, so it's time to clean up this TA.
I will leave the following recommendation for this question in the Cleanup topic area:

Accept: astaec {http:#10376894}

Please leave any comments here within the next four days.

EE Cleanup Volunteer
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Web Browsers

From novice to tech pro — start learning today.