Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Problem with cookies in intranet page in Internet Explorer

Posted on 2004-09-28
1
Medium Priority
?
777 Views
Last Modified: 2012-08-14
I don't know if this the right place but I searched every topic area and couldn't find anything for IE.
I've created a intranet page for my work containing two frames. A navigation at the top and a contact frame. The problem comes up when I link to a website that uses cookies to login. The intranet uses a ssl connection.
When I go to the url outside the intranet page it all goes fine during login. When I link to the page within the intranet site it gives the error that I have to enable cookies.

If I enable cookies in the privacy tab it all goes fine but I want to know why IE creates a problem when logging in.

Thanx in advance.
0
Comment
Question by:Sander Stad
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 1

Accepted Solution

by:
schubemk earned 150 total points
ID: 12168892
This is because of the cross-site scripting spoof that became popular a few years ago.  Developers are able to construct web pages in framesets that included content from external sites (which sounds like what you are doing here).  It is possible to capture the keystrokes and cookie information that a user enters on the external site using coding techniques within the frameset you've created.  Either the provider of the site you are linking to or internet explorer is detecting that the page is in a frameset and is adding a layer of security to help prevent your frameset from capturing the user's activity.

Microsoft does a better job explaining all of the nuances than I will, so I'll just refer you to two of their pages that I keep bookmarked for occassions like this:

Preventing Internet Explorer and Outlook Express Cross-Site Scripting Security Issues
http://support.microsoft.com/default.aspx?scid=kb;EN-US;253117

How To Prevent Cross-Site Scripting Security Issues
http://support.microsoft.com/default.aspx?scid=kb;en-us;252985
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

It's here again; Microsoft is launching a new version of Internet Explorer: Internet Explorer 9, with noticeable changes on its interface, functions and new tools. As they say on its promotional video: "It's time to play, on a more beautiful web", f…
Now-a-days, indirectly, postal services have been replaced by email services. Yes, whenever we hear the word "email" a lot of people only think of gmail. Some people still think that email and gmail are one and the same thing :-). Let's see some …
This Micro Tutorial will demonstrate how nuggets on the Web are formatted by using Chrome Developer Tools. These tools would not only view the site's CSS but it can also modify it and save the CSS to use on your own site.
How to create a custom search shortcut to site-search Experts Exchange using Google in the Firefox browser. This eliminates the need to type out site:experts-exchange.com whenever you want to search the site. Launch your Bookmark Menu: Press 'Ctrl +…

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question