Coldfusion cflocation tag on IE 10

Hi,
I have a CF 9.0 site, with the latest security updates. It's running on Windows 2008.

I have a login page. Once a user logs in, they get redirected to another page in the same directory that the login page existed in.
The cflocation tag looks like this:

Directory I am in:  www/admin  (www is my root http dir)
<cfset urlForward = "index.cfm" />
<!--- <cfset urlForward = "http://www.apple.com" /> --->
<!--- <cfset urlForward = "../testing.cfm" /> --->
<cflocation url="#urlForward#" addtoken="false" />

When I access/login  on Firefox or IE 8/9, it works fine. However when I  use  IE 10, the login page doesn't forward to  index.cfm. The login page just refreshes itself.

Things I have tried:
*Moving  index.cfm to another name -- still doesn't work
*Creating a very very simple page (test.cfm) and trying to redirect to that. - Nope
*Create a cffile tag at top of index.cfm and append to log file if page is accessed. -Nothing

What it comes down to is cflocation will not redirect to ANY page I create in www/admin
However, if I create the page outside of admin (locally or externally), the redirect works fine.

I have opened up all permissions on the admin directory -- still not working.

The thing to keep in mind here is that this is only not functioning correctly on IE 10, it works fine in all other IE versions and browsers.
I have tried using compatibility mode on IE 10, but the redirect within www/admin still doesn't work.

This is driving me nuts. Any ideas?!

Thanks!
Nacht
LVL 1
nachtmskAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

becraigCommented:
Can you try specifying the full URL in the cflocation tag and see if it fails in IE 10 ?


eg: <cfset urlForward = "http://www.domain.com/index.cfm" />
0
gdemariaCommented:
CFLOCATION is a server side redirect, you should use the full URL path
0
nachtmskAuthor Commented:
becraig -- thanks for the suggestion. I tried that, still not working. to verify I put in the full URL and tried using Firefox. The redirect worked fine. Still no good for IE 10.
I'm wondering if it's because of a system update (security updates, etc..) on this server. I could try to uninstall the most recent security updates on the server.
0
Newly released Acronis True Image 2019

In announcing the release of the 15th Anniversary Edition of Acronis True Image 2019, the company revealed that its artificial intelligence-based anti-ransomware technology – stopped more than 200,000 ransomware attacks on 150,000 customers last year.

nachtmskAuthor Commented:
It's odd that I can redirect to any other location on my server/site, just not in the admin directory. I'm wondering if there is some permission I am overlooking either at the file level or in IIS.
I know IE 10 is quirky.There is something here it's not liking...
0
becraigCommented:
Do you have fiddler on your computer ?

That way we can trace what call is being made and see if the server actually starts the redirect, also you might want to dump out the http headers to see what cgi_vars are being reported on the page, IE might be ignoring something or possibly seeing a security issue with the redirect.
0
nachtmskAuthor Commented:
Becraig -- nope, don't have fiddler. Never heard of it. I can find it though and install.

As for dumping the headers - I'm not really a CF person, can you tell me the way to do that to solve me having to look it up ;)

Thanks
N
0
gdemariaCommented:
> The login page just refreshes itself.

This could be the problem.   If you are attempting to login and the page just returns to the login page, this could mean that you are not successfully logged in.    This may not be because you entered the wrong credentials but because of the placement of the cookie or session variable.

Give it a test.  If you are using a session variable to test and activate the login (let's say it is  session.user_id), then on the login page display the value of this variable.  Then you should see that it is empty on your first load of the login page, then when you login and the page fails to redirect, show the variable to see if it is populated.  If it is not, that is what is keeping you from leaving your login page.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
nachtmskAuthor Commented:
gdemarie --
Maybe IE 10 handles cookies differently then other versions/browsers? It wouldn't be the first time Microsoft mucks around with something it shouldn't have. Sorry -- MS and IE drive me crazy several times a week.
0
gdemariaCommented:
Did you test?  

Cookies (and therefore session variables) require an end-of-request of a web page in order to write the cookie that supports session variables.

CFLOCATION is a server side redirect and therefore interrupts the request before the page is drawn and the cookie is never dropped.   The difference between browsers as well as within a browser but with different user experiences can be very subtle; such as whether or not a cookie has been dropped already for other purposes, or if the session variable already existed - and as you say, how the browsers handle cookies.

Test it and see if that's what it is..
0
nachtmskAuthor Commented:
gdmariea -- didn't test yet. In middle of something else. I'll do it soon and report back. Thanks!!
0
nachtmskAuthor Commented:
gdMaria - Not sure which session var to check. Code below. What do you think?
Is is possible to use cfdump to check them all at once?

      <cfif checklogin.recordCount gt 0>
      <cfset session.adminUser.isLoggedIn = true />
      <cfset session.adminUser.guiAdminUserId = checklogin.guiAssociateId />
      <cfset session.associate = CreateObject("component","cfc.Associate").populateFromId(checklogin.guiAssociateId) />
            <cfset qryPrimaryOffice = session.associate.getPrimaryOffice() />
            <cfif qryPrimaryOffice.recordcount gt 0>
                  <cfset session.primaryOfficeID = qryPrimaryOffice.guiOfficeID />
            <cfelse>
                  <cfset session.primaryOfficeID = "" />
            </cfif>
            
            <cfif not isDefined("session.urlForward") OR session.urlForward eq "" OR session.urlForward contains "/admin/login.cfm">
                  <cfset urlForward = "index.cfm" />
                  <!--- <cfset urlForward = "http://www.apple.com" /> --->

            <cfelse>
                  <cfset urlForward = session.urlForward />
            </cfif>      
<cffile action="append" file="C:/home/mls/logs/newlogin.txt"  output="cflocation  being set ...  #urlForward# Sess: #session.urlForward# ">
            
            <cflocation url="#urlForward#" addtoken="false" />

      <cfelse>
            <cfset er = "There was a problem with your login" />
      </cfif>
0
gdemariaCommented:
I think you need to look at the code that redirects you to the login page if you are not logged in.    You want to check that test that may be failing...

The code you're showing looks like the login procedure where it is actually logging the user in and then redirecting to a different page.
0
nachtmskAuthor Commented:
Thanks everyone for the help.
The solution was for me to rebuild my test server. Then it worked the way it should have. That test server has been though a lot of changes over the years. Something was messed up, but I don't know what it was. The CF code worked fine once the server was rebuilt.
Thanks for you help.
Nacht
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
ColdFusion Language

From novice to tech pro — start learning today.