Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

Problem with cookies in intranet page in Internet Explorer

Posted on 2004-09-28
1
Medium Priority
?
783 Views
Last Modified: 2012-08-14
I don't know if this the right place but I searched every topic area and couldn't find anything for IE.
I've created a intranet page for my work containing two frames. A navigation at the top and a contact frame. The problem comes up when I link to a website that uses cookies to login. The intranet uses a ssl connection.
When I go to the url outside the intranet page it all goes fine during login. When I link to the page within the intranet site it gives the error that I have to enable cookies.

If I enable cookies in the privacy tab it all goes fine but I want to know why IE creates a problem when logging in.

Thanx in advance.
0
Comment
Question by:Sander Stad
1 Comment
 
LVL 1

Accepted Solution

by:
schubemk earned 150 total points
ID: 12168892
This is because of the cross-site scripting spoof that became popular a few years ago.  Developers are able to construct web pages in framesets that included content from external sites (which sounds like what you are doing here).  It is possible to capture the keystrokes and cookie information that a user enters on the external site using coding techniques within the frameset you've created.  Either the provider of the site you are linking to or internet explorer is detecting that the page is in a frameset and is adding a layer of security to help prevent your frameset from capturing the user's activity.

Microsoft does a better job explaining all of the nuances than I will, so I'll just refer you to two of their pages that I keep bookmarked for occassions like this:

Preventing Internet Explorer and Outlook Express Cross-Site Scripting Security Issues
http://support.microsoft.com/default.aspx?scid=kb;EN-US;253117

How To Prevent Cross-Site Scripting Security Issues
http://support.microsoft.com/default.aspx?scid=kb;en-us;252985
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Internet is a big network which is formed by connecting multiple small networks.It is a platform for all the users which are connected to it.Internet act as platform in different fields. Such as: Internet  as a collaboration platform. Internet  as…
I had to do a bit of research to find the answer to this question so I thought I'd share my results.  Due to our outdated mainframe systems, we need to downgrade IE9 to IE8 in order to stay compatible.  We also needed to downgrade Java.  In order to…
Shows how to create a shortcut to site-search Experts Exchange using Google in the Chrome browser. This eliminates the need to type out site:experts-exchange.com whenever you want to search the site. Launch the Search Engine Menu: In chrome, via you…
Want to learn how to record your desktop screen without having to use an outside camera. Click on this video and learn how to use the cool google extension called "Screencastify"! Step 1: Open a new google tab Step 2: Go to the left hand upper corn…
Suggested Courses

572 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question