search : cookie

select a category, or use search below
(searches all categories and all time range)

displaying top 100 results

Add SameSite Cookie Support to ColdFusion
Unable to specify Cookie Timeout of -1 in Administrator
CF Crash (500 Internal Server Error) from Non-ASCII Cookie Character
Cookie is no longer expired when no value attribute is used in IE
Comment on CF Crash (500 Internal Server Error) from Non-ASCII Cookie Character by External U.
Comment on Add SameSite Cookie Support to ColdFusion by Vamseekrishna N.
Comment on CF Crash (500 Internal Server Error) from Non-ASCII Cookie Character by James M.
Turning on Secure Cookie should force Admin to only run under https
Comment on CF Crash (500 Internal Server Error) from Non-ASCII Cookie Character by External U.
Comment on Unable to specify Cookie Timeout of -1 in Administrator by External U.
Bug 87081:Change the Client Variable Storage default to Cookie or None
Comment on CF Crash (500 Internal Server Error) from Non-ASCII Cookie Character by External U.
Comment on CF Crash (500 Internal Server Error) from Non-ASCII Cookie Character by James M.
Comment on CF Crash (500 Internal Server Error) from Non-ASCII Cookie Character by External U.
Comment on CF Crash (500 Internal Server Error) from Non-ASCII Cookie Character by External U.
Comment on Cookie is no longer expired when no value attribute is used in IE by Vamseekrishna N.
Comment on Cookie is no longer expired when no value attribute is used in IE by Aaron N.
EET#580 Coldfusion does not expire empty-value cookies in IE - Japanese Locale
Comment on Bug 80043:HTTP-Only cookie for session cookie? It is currently not possible for dealing with session cookie by External U.
Coldfusion does not expire empty-value cookies in IE
Bug 80043:HTTP-Only cookie for session cookie? It is currently not possible for dealing with session cookie
Comment on Coldfusion does not expire empty-value cookies in IE by External U.
Cookies containing the '@' character are truncated (i.e. those with emails)
2611586 CF-3608332 Adobe D. CFCookie and Cookie in script Bug Number: CF-3608332 Reviewer: Alty Description: Empty cookie value was getting added as "" i.e. double quotes characters. This is a bug with Tomcat. Logged tomcat bug 55867. For now if cookie value is empty we will add this cookie as SET-Cookie
Comment on CF10 writes CFID and CFToken cookies incorrectly, causing session problems (fatal for CF9) for all other instances in domain by External U.
Bug 81187:When using the HTTPOnly flag in CFCOOKIE on a CF9 Web Application deployed on Tomcat 6, the cookie statement is improperly constructed resulting in appending the HTTPOnly statement to the cookie value
Comment on with no expires attribute managing session (CFID / CFTOKEN) browser only cookies results in persistent cookies by External U.
Comment on cookies will be corupt/session will not hold after enable secure cookie custom header to prevent xss vulnerabilities by Norbert L.
cookies assigned with a NULL value are not recognized
cookies will be corupt/session will not hold after enable secure cookie custom header to prevent xss vulnerabilities
Comment on setDomainCookies="true" does not set domain cookies in websites like... http://example.com by S P.
Comment on setDomainCookies="true" does not set domain cookies in websites like... http://example.com by S P.
Comment on setDomainCookies="true" does not set domain cookies in websites like... http://example.com by External U.
Comment on Session Cookies Being Overwritten Browsing From SSL to Non SSL by External U.
2611350 CF-3628944 S V. I am able to reproduce the issue after adding the provided logout.cfm logic in the adobe’s documentation example. This issue happens because of manually clearing cookies. One of the reason this issue was introduced because of the newly added attribute ‘preserveCase’ which
Addressing SameSite cookie issues, before Adobe offers an update that does
Comment on Coldfusion does not expire empty-value cookies in IE by Toby W.
with no expires attribute managing session (CFID / CFTOKEN) browser only cookies results in persistent cookies
Comment on with no expires attribute managing session (CFID / CFTOKEN) browser only cookies results in persistent cookies by External U.
Comment on Cookies containing the '@' character are truncated (i.e. those with emails) by Kailash B.
Comment on Cookie-Processing not complaint to latest RFC by Kailash B.
Comment on ColdFusion 10 cannot read the cookie value with = character by S V.
Comment on CF10 writes CFID and CFToken cookies incorrectly, causing session problems (fatal for CF9) for all other instances in domain by External U.
Comment on Updater 15 changes/breaks behavior of deleting cookie.cfid/cftoken by External U.
2611586 CF-3608332 Adobe D. Comments from Tomcat bug. Looks like we will not get a fix from tomcat. [reply] [?] Description Shilpi 2013-12-12 07:15:00 UTC When Cookie value is empty, double quotes are added. Example if cookie is following - name = test value = the resultant cookie in the client
Comment on CF10 writes CFID and CFToken cookies incorrectly, causing session problems (fatal for CF9) for all other instances in domain by External U.
Charlie Arehart I would recommend you start by using another browser, to make sure this is not some curious cookie problem. Or if you have no other browser, try clearing your cookies in the current browser.
Comment on cookies assigned with a NULL value are not recognized by External U.
2609512 CF-3839458 External U. Forgot to note: When THIS.loginStorage="cookie", then the issue does not reoccur if an old cfauthorization cookie is still present. Thanks!, -Aaron
Comment on setDomainCookies="true" does not set domain cookies in websites like... http://example.com by External U.
Comment on setDomainCookies="true" does not set domain cookies in websites like... http://example.com by CFwatson U.
Comment on setDomainCookies="true" does not set domain cookies in websites like... http://example.com by S P.
2611127 CF-3639079 External U. Try clearing your cookies. I've seen this happen before when you have another cf server that's setting a domain cookie for cfid/cftoken/jsessionid.
Comment on Session Cookies Being Overwritten Browsing From SSL to Non SSL by External U.
Comment on cookies will be corupt/session will not hold after enable secure cookie custom header to prevent xss vulnerabilities by Norbert L.
Comment on cookies will be corupt/session will not hold after enable secure cookie custom header to prevent xss vulnerabilities by S P.
4123109 CF-4201688 Matthew C. Just more info on it - we'd really like to see this implemented: https://web.dev/samesite-cookies-explained/ https://www.troyhunt.com/promiscuous-cookies-and-their-impending-death-via-the-samesite-policy/
4123109 CF-4201688 Toby W. This is now an issue as Chrome blocks all cookies that require this attribute that are not on the same site. Which means that cookies are unusable in Chrome - we need a fix now! Is there a hot fix?
Comment on setDomainCookies causes NullPointerException on domain change by External U.
Comment on Updater 15 changes/breaks behavior of deleting cookie.cfid/cftoken by S P.
Comment on CF10 writes CFID and CFToken cookies incorrectly, causing session problems (fatal for CF9) for all other instances in domain by External U.
Comment on Session Cookies Being Overwritten Browsing From SSL to Non SSL by Adobe D.
Comment on Session gets lost on cflocation width J2EE Sessions and Cookies disabled by External U.
Comment on Cookies containing the '@' character are truncated (i.e. those with emails) by Aaron N.
Cookie-Processing not complaint to latest RFC
setDomainCookies="true" does not set domain cookies in websites like... http://example.com
Bug 79691:While I found that CFCOOKIE now supports a httpOnly attribute to send HttpOnly cookies to the browser, the default cookies CF sends (e
Comment on Cookie-Processing not complaint to latest RFC by H. S.
Comment on with no expires attribute managing session (CFID / CFTOKEN) browser only cookies results in persistent cookies by External U.
Comment on Bug 79691:While I found that CFCOOKIE now supports a httpOnly attribute to send HttpOnly cookies to the browser, the default cookies CF sends (e by External U.
4123109 CF-4201688 A. B. Could it be that ColdFusion 2018 implicitly supports samesite cookies? After all, ColdFusion 2018 runs on Tomcat 9.0.21, and this version of Tomcat has support for samesite cookies. See https://tomcat.apache.org/tomcat-8.5-doc/config/cookie-processor.html You would
4123109 CF-4201688 Language : Cookie James Moberg CFCookie "samesite" support I'd like to use the "samesite" cookie attribute w/CFCookie. (I would prefer not to have to write my own handler because I've encountered issues where setting a cookie wouldn't make it available to the Cold
Invalid Set-Cookie Header Date Format
Setting a cookie to a non-simple value doesn't throw an error in scope-syntax
setDomainCookies causes NullPointerException on domain change
CFLOGIN idletimeout under cookie storage does not work
Bug 86387:-(Watson Migration Closure)Session cookies see comments
2608114 CF-4189738 External U. Hi Preethi, I've attached a zip file with 3 coldfusion files. Navigate to /ajaxTest.cfm When cookies are turned off, the page will alert "Server var is not defined". If cookies are enabled, the file will alert true. (It took me a little while to get cookies
Comment on cookies assigned with a NULL value are not recognized by Kailash B.
2609409 CF-3849572 External U. This problem may be related to the change made to CF Session ID creation when the browser cookie passes a CF ID to CF server that does not have that Session ID in memory (ie. an old Session ID). I believe at CF9, Coldfusion now creates a brand new CF ID, instead
2612274 CF-3531688 External U. This problem is caused by cookies. Cookies issued by CF9 are picked up by CF10 but they contain mismatching information (GUID etc) which causes CF10 to be confused. Each time I've seen it clearing cookies for that domain solves the problem. This means you will only
Comment on Session gets lost on cflocation width J2EE Sessions and Cookies disabled by External U.
4123109 CF-4201688 John W. https://blog.chromium.org/2019/10/developers-get-ready-for-new.html With Chrome 80 in February, Chrome will treat cookies that have no declared SameSite value as SameSite=Lax cookies. Only cookies with the SameSite=None; Secure setting will be available for external
4123109 CF-4201688 Edwin S. Hi Gerald, We are adding header from our side. If it is not being honoured, then Websphere might be processing the Set-Cookie headers to remove unexpected attributes. So they need to support as well Few application servers(including Tomcat) do not support samesite
3422688 CF-4199524 Core Runtime : Session Management branden johnson session data between sub domains i need to maintain session data between sub domains you can do this easy by setting: this.setdomaincookies="yes" works perfectly because the cfid and cftoken cookies domain is set to ".domain
Comment on jsessionid cookie present when J2EE disabled from admin by Stephen W.
Comment on setDomainCookies causes NullPointerException on domain change by S P.
Comment on setDomainCookies causes NullPointerException on domain change by External U.
Comment on setDomainCookies causes NullPointerException on domain change by Vamseekrishna N.
Comment on setDomainCookies causes NullPointerException on domain change by External U.