Solved

Problem with cookies in intranet page in Internet Explorer

Posted on 2004-09-28
1
769 Views
Last Modified: 2012-08-14
I don't know if this the right place but I searched every topic area and couldn't find anything for IE.
I've created a intranet page for my work containing two frames. A navigation at the top and a contact frame. The problem comes up when I link to a website that uses cookies to login. The intranet uses a ssl connection.
When I go to the url outside the intranet page it all goes fine during login. When I link to the page within the intranet site it gives the error that I have to enable cookies.

If I enable cookies in the privacy tab it all goes fine but I want to know why IE creates a problem when logging in.

Thanx in advance.
0
Comment
Question by:Sander Stad
1 Comment
 
LVL 1

Accepted Solution

by:
schubemk earned 50 total points
ID: 12168892
This is because of the cross-site scripting spoof that became popular a few years ago.  Developers are able to construct web pages in framesets that included content from external sites (which sounds like what you are doing here).  It is possible to capture the keystrokes and cookie information that a user enters on the external site using coding techniques within the frameset you've created.  Either the provider of the site you are linking to or internet explorer is detecting that the page is in a frameset and is adding a layer of security to help prevent your frameset from capturing the user's activity.

Microsoft does a better job explaining all of the nuances than I will, so I'll just refer you to two of their pages that I keep bookmarked for occassions like this:

Preventing Internet Explorer and Outlook Express Cross-Site Scripting Security Issues
http://support.microsoft.com/default.aspx?scid=kb;EN-US;253117

How To Prevent Cross-Site Scripting Security Issues
http://support.microsoft.com/default.aspx?scid=kb;en-us;252985
0

Featured Post

Master Your Team's Linux and Cloud Stack

Come see why top tech companies like Mailchimp and Media Temple use Linux Academy to build their employee training programs.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

I spend far too much time on the web keeping up with the news: politics, the environment, computer stuff, the Experts Exchange. It's never-ending. But many of the most informative web pages are overwhelmed with noise: scrolling banners, flashing tex…
I annotated my article on ransomware somewhat extensively, but I keep adding new references and wanted to put a link to the reference library.  Despite all the reference tools I have on hand, it was not easy to find a way to do this easily. I finall…
Google currently has a new report that is in beta and coming soon to Webmaster Tool accounts. This Micro Tutorial will highlight new features for Google Webmaster Tools.
How to create a custom search shortcut to site-search Experts Exchange using Google in the Firefox browser. This eliminates the need to type out site:experts-exchange.com whenever you want to search the site. Launch your Bookmark Menu: Press 'Ctrl +…

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question