Avatar of universalglove
universalgloveFlag for United States of America asked on

Issue with Cookies and Character Encoding, from ASP.NET to classic ASP

I'm having an issue with a classic ASP forum that I'm trying to convert to work beneath an ASP.NET website. I'm using .NET Membership for storing user accounts and logging users in. Upon logging in, I write a cookie that saves the username and encrypted password, straight out of the database, for use by the forum. (I'm utilizing the same mechanism the forum itself already used; just having .NET handle logins and writing the cookie, and disabling all parts of the forum that handled that, i.e. rewriting them to only check credentials against the values in the cookie).

With one user (my primary administrative user, as luck would of course have it), I can't make the forum authenticate.
I can interact just fine with the forum as other users. I've tested the code itself piece by piece, and finally narrowed it down to the one difference: the password's encrypted value for the one user contains + signs. (They all contain = signs at the end of the encrypted password, and those are not a problem apparently.)
• When I view the cookie, from a .NET or classic ASP page, the password is proper - contains the +s.
• When I write the value that the classic ASP pages grab from the cookie, the +s are missing. They are not square boxes, as I'd expect - just spaces.
• I copy that value and paste it in my text editor, and it sees them the same as other spaces.
• If I try changing the encoding in my text editor, the +s do not show up.
• The .NET pages were originally UTF-8; the classic ASP pages were originally Windows-1252.
• If I change the encoding of the classic ASP pages to UTF-8 (using <meta charset="">), no change in the cookie value - though there are changes in the rest of the text on the page.
• If I set Response.Charset="UTF-8", no change.
• I can see the +s in the database. That and the fact that .NET is writing them to the database makes me assume they're stored as UTF-8.
• Session.LCID=1033, if that matters or affects anything.

How can I get classic ASP to read the cookie values properly?
Request.Cookies doesn't do something to their values, does it?
I'm currently looking to see if there's a way I can forcibly, in code, say "grab this value as UTF-8!".

I hate messing with character encoding. It always seems like it's controlled from too many places, and no matter how much I try, if it doesn't just magically work out, I can never get it to. Even when I do, then that usually just means Internet ****ing Explorer messes up somehow. And I don't have anyone that I can just ask to look over it all and point out to me how each piece of the machinery handles the value along the way - SQL Server, Windows server, the ASP itself, and then the client browser. And this sort of problem always ends up sucking up tons of time on something I didn't need to be spending the time on, usually with only extreme workaround solutions (like, "don't use that forum").

Avatar of undefined
Last Comment

8/22/2022 - Mon

Finally remembered to do one of the searches I was thinking of, and found this:

I'm assuming that means I should try UrlEncode on the cookie value from .NET (and of course the corresponding UrlDecode in ASP).

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
See how we're fighting big data
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
All of life is about relationships, and EE has made a viirtual community a real community. It lifts everyone's boat
William Peck