Home/ Questions/Q 8995413
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-15T23:37:01+00:00

I have made a login page. When the user logs in a request to

  • 0

I have made a login page. When the user logs in a request to an API is send. This API is PHP and checks the username and password. When both are correct an unique key is send back (this is placed in the database for further use: userid and other stuff needed in the website).
After that key is sent back it is placed in a cookie:

$.cookie("session", JSON.stringify(result));

After the cookie is set I send the user to a new page:

location.href = 'dashboard.htm';

In this page jQuery checks if the cookie “session” is present. If not, the user is send back to the login page.

sessionId = ($.cookie("session") ? JSON.parse($.cookie("session")).SessionId : 0);
return sessionId;

This works fine in Chrome, but IE (8/9) has some problems with this. I figured out that when you get to dashboard.htm the session is present. As soon as I hit F5 the session is gone. And sometimes the cookie isn’t set at all!

I can’t seem to figure out why this is happening in IE. Has someone any idea? Other options/ideas to save that unique key are also welcome.

Thanks in advance.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Possible ideas/ list of things you might try. Some information collected over the years!

    You should also make 100% sure your cookie code is not resetting the cookie. I’ve done it and I know others have. We swear its not our code but in the end sometimes it is 😉

    Stay away from special characters in your cookie names like underscores(_) and hyphens(-). IE doesn’t like them and sometimes stuff works and other times it doesn’t.

    Make sure to set the cookie with a very distant expire date. Browsers use the computers local time to see if the cookie is still usable. If the computers date and time are not correct it can cause an issue just like this.

    Make sure your setting the cookies for the correct domain name, I’ve seen people set cookies for path.example.com and then try to access them from bob.example.com. This will not work due to cross domain policy.

    If your trying to access the cookie via Javascript you should make sure you dont have the httponly flag set to true. This flag will 100% prevent any cookie from ever being accessed by Javascript.

    If your settings cookies in an iframe or frameset you will most likely need a P3P policy on your server. You should most likely have one anyone if your planning on supporting IE. For more information visit http://en.wikipedia.org/wiki/P3P

    Example HTACCESS to set P3P Policy:

    <IfModule mod_headers.c>
    Header set P3P "policyref=\"/w3c/p3p.xml\", CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\""
</IfModule>

    For a way to monitor your cookies, I would recommend using Chrome’s inspector. Under the Network tab you can click on a request and it will give you some more tabs like a Cookies tab which will allow you to see all the cookies.

    • 0