Solved

Detect is session cookies enabled

Posted on 2008-06-13
13
2,691 Views
Last Modified: 2010-04-21
I have a problem. My site relies heavily on asp.net session cookies, it holds the users session in the database and maintains all sorts of data based on this session. the problem arises when the user has cookies disabled. For these users, each postback creates and new session in my database. In tern they loose any session data that i might hold as they browser the site because new sessions are created..

I now have a number of records being created for these user. No good...

I have been looking for some code that will allow me to detect if cookies are enabled or disabled via C# in the session_start method. I have found none that can do this WITHOUT a postback!

If anyone has any suggestions on how i can detect this without posting back or by using javascript maybe... please help me... I want to redirect these used to a page that asks them to turn cookie on...

Nugs
0
Comment
Question by:Nugs
13 Comments
 
LVL 6

Expert Comment

by:MuhammadAdil
ID: 21781573
0
 
LVL 16

Expert Comment

by:burakiewicz
ID: 21781591
Request.Browser.Cookies
0
 
LVL 2

Author Comment

by:Nugs
ID: 21781594
These check if the browsers support cookie, not if the user has turned cookie off...

Nugs
0
 
LVL 6

Expert Comment

by:MuhammadAdil
ID: 21781661
Hi Nugs,
            All Most all browser supports cookies. If you get cookies status disable its mean user have disable browser cookies.

Regards,
Adil Fazal
0
 
LVL 33

Assisted Solution

by:raterus
raterus earned 100 total points
ID: 21781708
The only true way to check cookies is between two subsequent page loads.  Try to set a cookie on the first load, and if it's returned to you on the second, they have cookies enabled, if not, they don't!
0
 
LVL 2

Author Comment

by:Nugs
ID: 21781849
I got this working... IE seems to have multiple "levels" of cookie being enabled or disabled... for example if you set the privacy to high this does not mean that by clicking on the advanced tab that the browser is ignoring other types of cookie...

Anywho, this is besides the point...

Currently i have a class i run at Session_Start that runs your check MuhammadAdil, plus it runs and addition check if (HttpContext.Current.Request.ServerVariables["HTTP_COOKIE"] == null)

        public bool CheckCookies()
        {
            bool CookiesEnabled = false;
            HttpBrowserCapabilities br = HttpContext.Current.Request.Browser;
            if (!br.Cookies)
            {
                CookiesEnabled = false;
            }
            else
            {
                CookiesEnabled = true;
            }

            if (HttpContext.Current.Request.ServerVariables["HTTP_COOKIE"] == null)
            {
                CookiesEnabled = false;
            }
            else
            {
                CookiesEnabled = true;
            }

            return CookiesEnabled;
        }

It does not catch that the browser has cookies disabled without the second check!

In addition to this i have tried a javascript that i found which also works...

function checkCookies()
{
   var tmpcookie = new Date();
   chkcookie = (tmpcookie.getTime() + '');
   document.cookie = "chkcookie=" + chkcookie + "; path=/";
   
    if (document.cookie.indexOf(chkcookie,0) < 0)
    {
      window.location = 'BrowserCookieSupport.html';
    }
}

run that on every page load and it will also do an accurate check on cookie enabled/disabled...

So i guess the question now is:

1) i'm not to familiar with javascript but is there a way to optimize this script...
2) what exactly is Request.ServerVariables["HTTP_COOKIE"] == null checking and why does that work in determining if cookies are enabled/disabled?

Nugs
0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 
LVL 6

Expert Comment

by:MuhammadAdil
ID: 21781903
Hi Nugs,
             If you have master page. You need to just mention this script in master page and it will work. Else you need to add on each page.
             Second, Request.ServerVariables["HTTP_COOKIE"]  get Cookies information from HTTP Header. I think Header contain information Is specific request have cookies.

Regards,
Adil Fazal
0
 
LVL 2

Author Comment

by:Nugs
ID: 21781904
actually i take that back...

Request.Browser.Cookies
Request.ServerVariables["HTTP_COOKIE"] == null

Do not detect disabled cookies....

Only the javascript i have in place does!

Nugs
0
 
LVL 2

Author Comment

by:Nugs
ID: 21781937
I do have masterpages... Would you be able to help me optimize the javascript a bit or is it good to go?

Nugs
0
 
LVL 6

Accepted Solution

by:
MuhammadAdil earned 300 total points
ID: 21782005
Hi Nugs,
             I have check the code. Its good. What kind of optimization you want. If you want to invoke some server side method. You needs to add a static method in code behind with web method attribute. And you can call this method in javascript with PageMethods.methodname();. If you wanna to alert user to enable cookies you can simply add in javascript...

alert("Please enable your cookies..");



Regards,
Adil Fazal
0
 
LVL 2

Author Comment

by:Nugs
ID: 21782168
No i guess just by looking at the JavaScript (and again i am not really familiar with JS and not sure what it is doing) but it looks as though it creates a cookie based on the timestamp? It does this for each Page_Load... My concern is that it is creating many cookies just for testing as the user browses...

I would like it to create a cookie that it can test from, and then remove the cookie once the test is complete.. .Or reuse the same cookie for testing...

But again i could be completely wrong in terms of what it actually is doing...

Nugs.

PS: Javascript is fine i do not need to invoke any server side methods...
0
 
LVL 18

Assisted Solution

by:Gary Davis
Gary Davis earned 100 total points
ID: 21783655
Session Start is the place to put the check. If the Request Cookies collection has at least one cookie, you are ok for that session. Otherwise, you will have to write a cookie back to the browser and see if it comes back (Response.Redirect). You can't add a cookie and then check it without the round trip (sorry). Use HttpWatch (http://www.httpwatch.com) to see the probe cookie sent from the server to the browser and then returned to the server during your testing.

Gary Davis
0
 
LVL 2

Author Closing Comment

by:Nugs
ID: 31467031
Thanks for everyone's input on this...
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

It was really hard time for me to get the understanding of Delegates in C#. I went through many websites and articles but I found them very clumsy. After going through those sites, I noted down the points in a easy way so here I am sharing that unde…
This article discusses how to create an extensible mechanism for linked drop downs.
The viewer will learn the basics of jQuery, including how to invoke it on a web page. Reference your jQuery libraries: (CODE) Include your new external js/jQuery file: (CODE) Write your first lines of code to setup your site for jQuery.: (CODE)
The viewer will learn the basics of jQuery including how to code hide show and toggles. Reference your jQuery libraries: (CODE) Include your new external js/jQuery file: (CODE) Write your first lines of code to setup your site for jQuery…

914 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now