ASP.NET (VS 2008) Won't Set Cookies? WHY?!?!

Posted on 2010-01-05
Last Modified: 2013-11-26
I've been dealing with this problem for the better part of two days now, and I'm tired of banging my head against the desk, so I'm hoping someone here can help me.

I have what should be an incredibly simple challenge - store an 8 - 12 digit string on a users PC in the form of a cookie when they fill out a simple form on my ASP.NET page (written in VB.NET with Visual Studio 2008).

I've looked into every conceivable way there is to set a cookie, and tried all of them, but seemingly nothing I do causes the cookie to be stored. I don't get any errors - the cookie file simply doesn't appear in the cookie directory on the client machine ("C:\Users\username\AppData\Roaming\Microsoft\Windows\Cookies", for example).

Here's a quick rundown of what I've already tried:
* Setting the cookie expiration date several years into the future
* Manually setting the domain of the cookie
* Creating the cookie through response.cookies("CookieName").Value = value
* Creating the cookie as an HttpCookie object, and assigning values to the object's properties, then adding it with Response.Cookies.Add(CookieObject)
* Verifying that other web sites on my test workstation can set and read cookies (using
* Running the project both in debug mode on my locally run development server, AND publishing the web site to the final production server (just in case the localhost domain was causing an issue).
* Mercilessly piling over every line in my web.config for anything remotely related to cookies

No matter what I try, it's totally fruitless. I'm trying to read the cookie back with "If IsNothing(Response.Cookies("RAK").Value) Then RAK = Response.Cookies("RAK").Value". But again, I'm not even seeing the file appear in the cookie directory on the machine, so I don't think the problem is that I'm reading it wrong, I think it's that its not ever being written.

I've included the function that is supposed to write my cookie (the commented out code is an example of one of the other methods I was trying). The RNR object is a reference to a web service I have linked in (which I have already verified is working). I know the code to write the cookie is getting hit, because I've set breakpoints on my Response.Cookie lines, and can see it getting to them. So I ask... what am I doing wrong???

P.S. - Ultimately, this page is going to be read from mobile phones (mostly Android phones, but possibly some iPhones as well), so if there are any gotcha's I should be aware of with cookies and mobile devices, please mention them. Although at this point I haven't even gotten that far.

Thanks in advance!
Protected Sub btnUpdate_Click(ByVal sender As Object, ByVal e As EventArgs) Handles btnUpdate.Click
        If txtRAK.Text <> "" Then
            Dim RAK As String = txtRAK.Text
            If RNR.isRakValid(RAK) Then
                Response.Cookies("RAK").Value = RAK
                Response.Cookies("RAK").Expires = DateTime.Now.AddYears(10)
                Response.Cookies("RAK").Domain = "" 'Altered for post to Internet'

                'Dim cookieRAK As New HttpCookie("RAK")'
                'cookieRAK.Expires = DateTime.Now.AddYears(10)'
                'cookieRAK.Values.Add("RAK", RAK)'
                lblInvalidRAK.Visible = False
                lblInvalidRAK.Visible = True
            End If
        End If
    End Sub

Open in new window

Question by:erickadam1
    LVL 29

    Expert Comment

    by:Kumaraswamy R

    My Point of view : this Cookie Limitations

    Most browsers support cookies of up to 4096 bytes. Because of this small limit, cookies are best used to store small amounts of data, or better yet, an identifier such as a user ID. The user ID can then be used to identify the user and read user information from a database or other data store. (See the section "Cookies and Security" below for information about security implications of storing user information.)

    More Info

    Author Comment

    That's exactly what I'm trying to do. The value I want to store in the cookie is an 8-12 byte remote access key that is used to look up a user account from the database on the other end of the web service.
    LVL 29

    Expert Comment

    by:Kumaraswamy R

    Work around soln:
    create a Property and Store in the Value
    Create Temp Table and Store

    Author Comment

    The problem with doing that is I'd still need to prompt the user for the data every time. I need to be able to set the value one time and forget it.
    LVL 29

    Expert Comment

    by:Kumaraswamy R

    Ok. Then Split and Store more than one Cookies. Read time again Merge the Cookies Values

    Cookie Limitation information based on the Browser:

    Author Comment

    This issue can't have anything to do with a limitation of cookies - I'm setting one single, 12 byte cookie for an entire domain. If cookies couldn't handle that, they wouldn't exist - I really couldn't write a simpler cookie.

    I know it has to be either something wrong with my code, my ASP.NET site configuration, or my IIS virtual directory configuration. But I know I'm not running up against a technical limitation of cookies.

    Accepted Solution

    Alright, so I figured it out - I actually mentioned it in my original description. It turns out the problem was with my code - the code where I was attempting to see if the cookie exists prior to calling the function that writes it. I was using RESPONSE.cookies when I meant to type REQUEST.cookies. So it was creating an empty cookie with the same name as the populated cookie that I went to set up later. Still no idea why it wasn't showing up in the cookies folder in IE, but I was able to find the cookie(s) in Firefox.

    Silly, stupid typo error. D'oh.

    Featured Post

    Looking for New Ways to Advertise?

    Engage with tech pros in our community with native advertising, as a Vendor Expert, and more.

    Join & Write a Comment

    Once again I push the limits of my phone.  An introduction to the Android Google Now Launcher.
    You should read OS supplied guidelines before developing. I can't stress that enough. The guidelines will help you understand the reasons mobile app developers do what they do.  Apple is very particular when they review appstore submissions.
    This video is in connection to the article "The case of a missing mobile phone (". It will help one to understand clearly the steps to track a lost android phone.
    Illustrator's Shape Builder tool will let you combine shapes visually and interactively. This video shows the Mac version, but the tool works the same way in Windows. To follow along with this video, you can draw your own shapes or download the fileā€¦

    729 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    20 Experts available now in Live!

    Get 1:1 Help Now