jamesrbourne
asked on
Cookie format has changed
It used to be that IE cookies were stored in the users cookies folder (c:\users\username\cookies or c:\documents and settings\username\cookies) in the form: username@domainname e.g. admin@bbc.co[1].txt
Something has changed in the last few months so that the cookies are now stored in what appears to be a random letter and number format e.g. F6F3N6DQ.txt
There is no way of telling which cookie is which without opening each text file and inspecting the contents - and even then it's not obvious.
There now appears to be a new entry type in the temporary internet files cache folder e.g. cookie: admin@bbc.co.uk/
This is linked in some way to the relevant file in the cookies folder. For instance if you delete 'cookie: admin@bbc.co.uk' from temporary internet files folder it deletes F6F3N6DQ.txt in the cookies folder.
Therefore, the entire way IE stores cookies has been changed at some point - this has severely impacted several of our applications which rely on deleting cookies programatically (I am still having problems redesigning the apps to delete from the new locations - it appears you cannot now delete directly using the file system!)
Does anyone know when this change came about, the reasons behind it and whether it is possible to revert back to the previous system?
Something has changed in the last few months so that the cookies are now stored in what appears to be a random letter and number format e.g. F6F3N6DQ.txt
There is no way of telling which cookie is which without opening each text file and inspecting the contents - and even then it's not obvious.
There now appears to be a new entry type in the temporary internet files cache folder e.g. cookie: admin@bbc.co.uk/
This is linked in some way to the relevant file in the cookies folder. For instance if you delete 'cookie: admin@bbc.co.uk' from temporary internet files folder it deletes F6F3N6DQ.txt in the cookies folder.
Therefore, the entire way IE stores cookies has been changed at some point - this has severely impacted several of our applications which rely on deleting cookies programatically (I am still having problems redesigning the apps to delete from the new locations - it appears you cannot now delete directly using the file system!)
Does anyone know when this change came about, the reasons behind it and whether it is possible to revert back to the previous system?
How exactly is your application deleting cookies ( IE: paste the code )? If you can give me some more technical details on the "how's" i can possibly help you minimize the impact of the changes that you would have to make.
ASKER
Sample code to delete previous style cookies:
fs = CreateObject("Scripting.Fi leSystemOb ject")
ucl = ""
uclok = True
ucl = My.Computer.Registry.GetVa lue _ ("HKEY_CURRENT_USER\Softwa re\Microso ft\Windows \CurrentVe rsion\Expl orer\Shell Folders", "Cookies", Nothing)
'Strip trailing slash if present
If Right(ucl, 1) = "\" Then
ucl = Left(ucl, Len(ucl) - 1)
End If
fs1 = ucl & "\*@bbc*.txt"
fs.DeleteFile(fs1)
fs = CreateObject("Scripting.Fi
ucl = ""
uclok = True
ucl = My.Computer.Registry.GetVa
'Strip trailing slash if present
If Right(ucl, 1) = "\" Then
ucl = Left(ucl, Len(ucl) - 1)
End If
fs1 = ucl & "\*@bbc*.txt"
fs.DeleteFile(fs1)
"This is linked in some way to the relevant file in the cookies folder. For instance if you delete 'cookie: admin@bbc.co.uk' from temporary internet files folder it deletes F6F3N6DQ.txt in the cookies folder."
FYI, "%userprofile%\local settings\temporary internet files" folder doesn't contain anything. It is a "Special" Shell Folder, which combines data from %userprofile%\cookies, and "Shell:cache\content.ie5" (just paste the paths into a RUN dialog)... The content.ie5 folder is hidden, and is not visible in the Folder Listing from the Temporary Internet Files folder contents. You have to add that in the Address bar, or type it directly.
Hence explaining why when you deleted it from the TIF folder, you really deleted it from the cookies folder...
And in Windows 7, it is "%userprofile%\AppData\Roa ming\Micro soft\Windo ws\Cookies "
FYI, "%userprofile%\local settings\temporary internet files" folder doesn't contain anything. It is a "Special" Shell Folder, which combines data from %userprofile%\cookies, and "Shell:cache\content.ie5" (just paste the paths into a RUN dialog)... The content.ie5 folder is hidden, and is not visible in the Folder Listing from the Temporary Internet Files folder contents. You have to add that in the Address bar, or type it directly.
Hence explaining why when you deleted it from the TIF folder, you really deleted it from the cookies folder...
And in Windows 7, it is "%userprofile%\AppData\Roa
ASKER
In reply to johnb6767:
Thanks, yes that explains the link but where is the reference ''cookie: admin@bbc.co.uk' being stored and how do you access it and match it to the actual cookie file.
As you say TIF is empty when read by the file system object so you seem to not be able to delete in the traditional manner. Any idea?
Thanks, yes that explains the link but where is the reference ''cookie: admin@bbc.co.uk' being stored and how do you access it and match it to the actual cookie file.
As you say TIF is empty when read by the file system object so you seem to not be able to delete in the traditional manner. Any idea?
In your script above you already have the location.....
"HKEY_CURRENT_USER\Softwar e\Microsof t\Windows\ CurrentVer sion\Explo rer\Shell Folders", "Cookies"
I still dont have an explanation as to the cookie formats changing... The only guess I can offer, is perhaps from either InPrivate Filtering, or from sites visited with Protected Mode enabled....
"HKEY_CURRENT_USER\Softwar
I still dont have an explanation as to the cookie formats changing... The only guess I can offer, is perhaps from either InPrivate Filtering, or from sites visited with Protected Mode enabled....
ASKER
Thanks, johnb6767
This occurs without InPrivate filtering and occurs on XP as well as Win 7 - protected mode only available on Vista and above so it's nothing to do with that either.
I have a case open with MS regarding this and will post back any results but i'm surprised I cannot find more info regarding this change of cookie storage behaviour - anyone else please?
This occurs without InPrivate filtering and occurs on XP as well as Win 7 - protected mode only available on Vista and above so it's nothing to do with that either.
I have a case open with MS regarding this and will post back any results but i'm surprised I cannot find more info regarding this change of cookie storage behaviour - anyone else please?
I wish I had more for you.....
ASKER
Microsoft have come back to me. The change in behaviour took place with cumulative security update MS11-057 released on 9 August 2011 see: http://support.microsoft.com/kb/2559049
This blog explains the cookie behaviour change: http://blogs.msdn.com/b/ieinternals/archive/2011/08/12/internet-explorer-9.0.2-update-changes-file-protocol-and-cookie-naming.aspx
Scroll down to 'Cookie Filenames are Randomized'
This has done wonders for my sanity!
So, it looks like you can no longer use filesystemobject to easily delete cookies, according to a filter, from the cookies folder- you can delete from the cache manually by going to the Temporary Internet Files. To programatically delete cookies they are recommending the WinInet functiions:
http://msdn.microsoft.com/en-us/library/aa452092.aspx
I'll be taking at look at this and will post if successful.
This blog explains the cookie behaviour change: http://blogs.msdn.com/b/ieinternals/archive/2011/08/12/internet-explorer-9.0.2-update-changes-file-protocol-and-cookie-naming.aspx
Scroll down to 'Cookie Filenames are Randomized'
This has done wonders for my sanity!
So, it looks like you can no longer use filesystemobject to easily delete cookies, according to a filter, from the cookies folder- you can delete from the cache manually by going to the Temporary Internet Files. To programatically delete cookies they are recommending the WinInet functiions:
http://msdn.microsoft.com/en-us/library/aa452092.aspx
I'll be taking at look at this and will post if successful.
Excellent to know.....
Heres another method that can be used for cookie cleaning.....
RunDll32.exe InetCpl.cpl,ClearMyTracksB yProcess 2
Heres another method that can be used for cookie cleaning.....
RunDll32.exe InetCpl.cpl,ClearMyTracksB
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
MSDN support call opened with Microsoft which helped in explaining and solving this problem.