Solved

Get cookie from browser from IIS

Posted on 2011-03-04
8
322 Views
Last Modified: 2012-06-27
I'm trying to get a cookie that is from another domain. The cookie is on the users browser and I was told that I could query the cookie through IIS... Is that true?
0
Comment
Question by:cobolinx1
  • 4
8 Comments
 
LVL 12

Accepted Solution

by:
Cyber-spy earned 500 total points
ID: 35040751
No, this is not possible - think of all the ways security could be breached if you could read cookies from other domains!

As cookies are stored in the browser, the web server makes little difference.

There are several ways of communicating with other domains though.

The simplest is to download an image from the other domain

So, on a web page from www.this.com, you could have something like this:

<img src="http://www.that.net/transfer.aspx?key1=value1&key2=value2" style="width:1px; height:1px" />

Open in new window


transfer.aspx can process whatever data is sent. When it returns an image (make it a 1x1 transparent gif, or even nothing at all - an image with no data and a '200 OK' HTTP response doesn't (in my experience) show a broken image on the page), attach cookies to the image (all files - html, aspx, images, javascript etc can come with cookies).

When you visit http://www.that.net/, your cookie should be there. This is basically the technique used by advertisers to track your movements across the web.

Don't rely too heavily on this though - there are lots of ways of blocking 'third-party' cookies (for the reason mentioned above) so it may not work in every browser.
0
 
LVL 12

Expert Comment

by:Cyber-spy
ID: 35113607
Hi,

Was this information useful?

Regards

Adam
0
 

Author Comment

by:cobolinx1
ID: 35140632
It was but I don't think my security group will allow that plus I need to make sure it'll work in mozilla and ie... neat trick though..I'll give you some points when I can figure this out.
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 12

Expert Comment

by:Cyber-spy
ID: 35143451
OK - let me know how it works out.
0
 
LVL 12

Expert Comment

by:Cyber-spy
ID: 35887085
I answered the question - and the author acknowledged it was useful.
I think I should get the points
0
 
LVL 19

Expert Comment

by:Amandeep Singh Bhullar
ID: 35944470
This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.
0

Featured Post

Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Lync server 2013 or Skype for business Backup Service Error ID 4049 – After File Share Migration
When it comes to showing a 404 error page to your visitors, you do not want that generic page to show, and you especially do not want your hosting provider’s ad error page to show either. In this article, I will show you how to enable the custom 40…
Although Jacob Bernoulli (1654-1705) has been credited as the creator of "Binomial Distribution Table", Gottfried Leibniz (1646-1716) did his dissertation on the subject in 1666; Leibniz you may recall is the co-inventor of "Calculus" and beat Isaac…

821 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question