Solved

Get cookie from browser from IIS

Posted on 2011-03-04
8
326 Views
Last Modified: 2012-06-27
I'm trying to get a cookie that is from another domain. The cookie is on the users browser and I was told that I could query the cookie through IIS... Is that true?
0
Comment
Question by:cobolinx1
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
8 Comments
 
LVL 12

Accepted Solution

by:
Cyber-spy earned 500 total points
ID: 35040751
No, this is not possible - think of all the ways security could be breached if you could read cookies from other domains!

As cookies are stored in the browser, the web server makes little difference.

There are several ways of communicating with other domains though.

The simplest is to download an image from the other domain

So, on a web page from www.this.com, you could have something like this:

<img src="http://www.that.net/transfer.aspx?key1=value1&key2=value2" style="width:1px; height:1px" />

Open in new window


transfer.aspx can process whatever data is sent. When it returns an image (make it a 1x1 transparent gif, or even nothing at all - an image with no data and a '200 OK' HTTP response doesn't (in my experience) show a broken image on the page), attach cookies to the image (all files - html, aspx, images, javascript etc can come with cookies).

When you visit http://www.that.net/, your cookie should be there. This is basically the technique used by advertisers to track your movements across the web.

Don't rely too heavily on this though - there are lots of ways of blocking 'third-party' cookies (for the reason mentioned above) so it may not work in every browser.
0
 
LVL 12

Expert Comment

by:Cyber-spy
ID: 35113607
Hi,

Was this information useful?

Regards

Adam
0
 

Author Comment

by:cobolinx1
ID: 35140632
It was but I don't think my security group will allow that plus I need to make sure it'll work in mozilla and ie... neat trick though..I'll give you some points when I can figure this out.
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 12

Expert Comment

by:Cyber-spy
ID: 35143451
OK - let me know how it works out.
0
 
LVL 12

Expert Comment

by:Cyber-spy
ID: 35887085
I answered the question - and the author acknowledged it was useful.
I think I should get the points
0
 
LVL 19

Expert Comment

by:Amandeep Singh Bhullar
ID: 35944470
This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.
0

Featured Post

Secure Your Active Directory - April 20, 2017

Active Directory plays a critical role in your company’s IT infrastructure and keeping it secure in today’s hacker-infested world is a must.
Microsoft published 300+ pages of guidance, but who has the time, money, and resources to implement? Register now to find an easier way.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

ASP.Net to Oracle Connectivity Recently I had to develop an ASP.NET application connecting to an Oracle database.As I am doing it first time ,I had to solve several problems. This article will help to such developers  to develop an ASP.NET client…
Problem Hi all,    While many today have fast Internet connection, there are many still who do not, or are connecting through devices with a slower connect, so light web pages and fast load times are still popular.    If your ASP.NET page …
In a recent question (https://www.experts-exchange.com/questions/29004105/Run-AutoHotkey-script-directly-from-Notepad.html) here at Experts Exchange, a member asked how to run an AutoHotkey script (.AHK) directly from Notepad++ (aka NPP). This video…

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question