Solved

Problem with cookies in intranet page in Internet Explorer

Posted on 2004-09-28
1
768 Views
Last Modified: 2012-08-14
I don't know if this the right place but I searched every topic area and couldn't find anything for IE.
I've created a intranet page for my work containing two frames. A navigation at the top and a contact frame. The problem comes up when I link to a website that uses cookies to login. The intranet uses a ssl connection.
When I go to the url outside the intranet page it all goes fine during login. When I link to the page within the intranet site it gives the error that I have to enable cookies.

If I enable cookies in the privacy tab it all goes fine but I want to know why IE creates a problem when logging in.

Thanx in advance.
0
Comment
Question by:Sander Stad
1 Comment
 
LVL 1

Accepted Solution

by:
schubemk earned 50 total points
ID: 12168892
This is because of the cross-site scripting spoof that became popular a few years ago.  Developers are able to construct web pages in framesets that included content from external sites (which sounds like what you are doing here).  It is possible to capture the keystrokes and cookie information that a user enters on the external site using coding techniques within the frameset you've created.  Either the provider of the site you are linking to or internet explorer is detecting that the page is in a frameset and is adding a layer of security to help prevent your frameset from capturing the user's activity.

Microsoft does a better job explaining all of the nuances than I will, so I'll just refer you to two of their pages that I keep bookmarked for occassions like this:

Preventing Internet Explorer and Outlook Express Cross-Site Scripting Security Issues
http://support.microsoft.com/default.aspx?scid=kb;EN-US;253117

How To Prevent Cross-Site Scripting Security Issues
http://support.microsoft.com/default.aspx?scid=kb;en-us;252985
0

Featured Post

Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

Join & Write a Comment

Suggested Solutions

Bada platform is becoming more and more famous this days and people talking about same. Some friends included those who have bada OS mobile asked me "what is bada?"and "what its features?". That encouraged me to research and write this article. [st…
#Citrix #Internet Explorer #Enterprise Mode #IE 11 #IE 8
This Micro Tutorial will demonstrate how nuggets on the Web are formatted by using Chrome Developer Tools. These tools would not only view the site's CSS but it can also modify it and save the CSS to use on your own site.
How to create a custom search shortcut to site-search Experts Exchange using Google in the Firefox browser. This eliminates the need to type out site:experts-exchange.com whenever you want to search the site. Launch your Bookmark Menu: Press 'Ctrl +…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now