Solved

Detect is session cookies enabled

Posted on 2008-06-13
13
2,685 Views
Last Modified: 2010-04-21
I have a problem. My site relies heavily on asp.net session cookies, it holds the users session in the database and maintains all sorts of data based on this session. the problem arises when the user has cookies disabled. For these users, each postback creates and new session in my database. In tern they loose any session data that i might hold as they browser the site because new sessions are created..

I now have a number of records being created for these user. No good...

I have been looking for some code that will allow me to detect if cookies are enabled or disabled via C# in the session_start method. I have found none that can do this WITHOUT a postback!

If anyone has any suggestions on how i can detect this without posting back or by using javascript maybe... please help me... I want to redirect these used to a page that asks them to turn cookie on...

Nugs
0
Comment
Question by:Nugs
13 Comments
 
LVL 6

Expert Comment

by:MuhammadAdil
ID: 21781573
0
 
LVL 16

Expert Comment

by:burakiewicz
ID: 21781591
Request.Browser.Cookies
0
 
LVL 2

Author Comment

by:Nugs
ID: 21781594
These check if the browsers support cookie, not if the user has turned cookie off...

Nugs
0
 
LVL 6

Expert Comment

by:MuhammadAdil
ID: 21781661
Hi Nugs,
            All Most all browser supports cookies. If you get cookies status disable its mean user have disable browser cookies.

Regards,
Adil Fazal
0
 
LVL 33

Assisted Solution

by:raterus
raterus earned 100 total points
ID: 21781708
The only true way to check cookies is between two subsequent page loads.  Try to set a cookie on the first load, and if it's returned to you on the second, they have cookies enabled, if not, they don't!
0
 
LVL 2

Author Comment

by:Nugs
ID: 21781849
I got this working... IE seems to have multiple "levels" of cookie being enabled or disabled... for example if you set the privacy to high this does not mean that by clicking on the advanced tab that the browser is ignoring other types of cookie...

Anywho, this is besides the point...

Currently i have a class i run at Session_Start that runs your check MuhammadAdil, plus it runs and addition check if (HttpContext.Current.Request.ServerVariables["HTTP_COOKIE"] == null)

        public bool CheckCookies()
        {
            bool CookiesEnabled = false;
            HttpBrowserCapabilities br = HttpContext.Current.Request.Browser;
            if (!br.Cookies)
            {
                CookiesEnabled = false;
            }
            else
            {
                CookiesEnabled = true;
            }

            if (HttpContext.Current.Request.ServerVariables["HTTP_COOKIE"] == null)
            {
                CookiesEnabled = false;
            }
            else
            {
                CookiesEnabled = true;
            }

            return CookiesEnabled;
        }

It does not catch that the browser has cookies disabled without the second check!

In addition to this i have tried a javascript that i found which also works...

function checkCookies()
{
   var tmpcookie = new Date();
   chkcookie = (tmpcookie.getTime() + '');
   document.cookie = "chkcookie=" + chkcookie + "; path=/";
   
    if (document.cookie.indexOf(chkcookie,0) < 0)
    {
      window.location = 'BrowserCookieSupport.html';
    }
}

run that on every page load and it will also do an accurate check on cookie enabled/disabled...

So i guess the question now is:

1) i'm not to familiar with javascript but is there a way to optimize this script...
2) what exactly is Request.ServerVariables["HTTP_COOKIE"] == null checking and why does that work in determining if cookies are enabled/disabled?

Nugs
0
How to improve team productivity

Quip adds documents, spreadsheets, and tasklists to your Slack experience
- Elevate ideas to Quip docs
- Share Quip docs in Slack
- Get notified of changes to your docs
- Available on iOS/Android/Desktop/Web
- Online/Offline

 
LVL 6

Expert Comment

by:MuhammadAdil
ID: 21781903
Hi Nugs,
             If you have master page. You need to just mention this script in master page and it will work. Else you need to add on each page.
             Second, Request.ServerVariables["HTTP_COOKIE"]  get Cookies information from HTTP Header. I think Header contain information Is specific request have cookies.

Regards,
Adil Fazal
0
 
LVL 2

Author Comment

by:Nugs
ID: 21781904
actually i take that back...

Request.Browser.Cookies
Request.ServerVariables["HTTP_COOKIE"] == null

Do not detect disabled cookies....

Only the javascript i have in place does!

Nugs
0
 
LVL 2

Author Comment

by:Nugs
ID: 21781937
I do have masterpages... Would you be able to help me optimize the javascript a bit or is it good to go?

Nugs
0
 
LVL 6

Accepted Solution

by:
MuhammadAdil earned 300 total points
ID: 21782005
Hi Nugs,
             I have check the code. Its good. What kind of optimization you want. If you want to invoke some server side method. You needs to add a static method in code behind with web method attribute. And you can call this method in javascript with PageMethods.methodname();. If you wanna to alert user to enable cookies you can simply add in javascript...

alert("Please enable your cookies..");



Regards,
Adil Fazal
0
 
LVL 2

Author Comment

by:Nugs
ID: 21782168
No i guess just by looking at the JavaScript (and again i am not really familiar with JS and not sure what it is doing) but it looks as though it creates a cookie based on the timestamp? It does this for each Page_Load... My concern is that it is creating many cookies just for testing as the user browses...

I would like it to create a cookie that it can test from, and then remove the cookie once the test is complete.. .Or reuse the same cookie for testing...

But again i could be completely wrong in terms of what it actually is doing...

Nugs.

PS: Javascript is fine i do not need to invoke any server side methods...
0
 
LVL 18

Assisted Solution

by:Gary Davis
Gary Davis earned 100 total points
ID: 21783655
Session Start is the place to put the check. If the Request Cookies collection has at least one cookie, you are ok for that session. Otherwise, you will have to write a cookie back to the browser and see if it comes back (Response.Redirect). You can't add a cookie and then check it without the round trip (sorry). Use HttpWatch (http://www.httpwatch.com) to see the probe cookie sent from the server to the browser and then returned to the server during your testing.

Gary Davis
0
 
LVL 2

Author Closing Comment

by:Nugs
ID: 31467031
Thanks for everyone's input on this...
0

Featured Post

Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

This article is for Object-Oriented Programming (OOP) beginners. An Interface contains declarations of events, indexers, methods and/or properties. Any class which implements the Interface should provide the concrete implementation for each Inter…
Article by: DanRollins
This article describes a JavaScript program that creates a maze made of hexagonal cells.  In Part 2 (http://www.experts-exchange.com/Programming/Languages/Scripting/JavaScript/A_7850-Hex-Maze-Part-2.html), we'll extend the program by adding a depth-…
The viewer will learn the basics of jQuery, including how to invoke it on a web page. Reference your jQuery libraries: (CODE) Include your new external js/jQuery file: (CODE) Write your first lines of code to setup your site for jQuery.: (CODE)
The viewer will learn the basics of jQuery including how to code hide show and toggles. Reference your jQuery libraries: (CODE) Include your new external js/jQuery file: (CODE) Write your first lines of code to setup your site for jQuery…

759 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now