Solved

Get cookie from browser from IIS

Posted on 2011-03-04
8
325 Views
Last Modified: 2012-06-27
I'm trying to get a cookie that is from another domain. The cookie is on the users browser and I was told that I could query the cookie through IIS... Is that true?
0
Comment
Question by:cobolinx1
  • 4
8 Comments
 
LVL 12

Accepted Solution

by:
Cyber-spy earned 500 total points
ID: 35040751
No, this is not possible - think of all the ways security could be breached if you could read cookies from other domains!

As cookies are stored in the browser, the web server makes little difference.

There are several ways of communicating with other domains though.

The simplest is to download an image from the other domain

So, on a web page from www.this.com, you could have something like this:

<img src="http://www.that.net/transfer.aspx?key1=value1&key2=value2" style="width:1px; height:1px" />

Open in new window


transfer.aspx can process whatever data is sent. When it returns an image (make it a 1x1 transparent gif, or even nothing at all - an image with no data and a '200 OK' HTTP response doesn't (in my experience) show a broken image on the page), attach cookies to the image (all files - html, aspx, images, javascript etc can come with cookies).

When you visit http://www.that.net/, your cookie should be there. This is basically the technique used by advertisers to track your movements across the web.

Don't rely too heavily on this though - there are lots of ways of blocking 'third-party' cookies (for the reason mentioned above) so it may not work in every browser.
0
 
LVL 12

Expert Comment

by:Cyber-spy
ID: 35113607
Hi,

Was this information useful?

Regards

Adam
0
 

Author Comment

by:cobolinx1
ID: 35140632
It was but I don't think my security group will allow that plus I need to make sure it'll work in mozilla and ie... neat trick though..I'll give you some points when I can figure this out.
0
Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

 
LVL 12

Expert Comment

by:Cyber-spy
ID: 35143451
OK - let me know how it works out.
0
 
LVL 12

Expert Comment

by:Cyber-spy
ID: 35887085
I answered the question - and the author acknowledged it was useful.
I think I should get the points
0
 
LVL 19

Expert Comment

by:Amandeep Singh Bhullar
ID: 35944470
This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

User art_snob (http://www.experts-exchange.com/M_6114203.html) encountered strange behavior of Android Web browser on his Mobile Web site. It took a while to find the true cause. It happens so, that the Android Web browser (at least up to OS ver. 2.…
Prologue It is often required to host multiple websites on a single instance of IIS, mostly in development environments instead of on production servers. I am sure it is not much a preferred solution on production servers but this is at least a pos…
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…

789 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question