I've been tasked with attempting to find out the what the "flags" details
indicate on IE cookie files. The only information I've been able to gather is
that 0x0001 bit indicates a secure connection cookie.

Other flags I have seen is 1536 and 1600. Is there some details as to that
the flags indicate?

Regards,
Jason Kendall

Cookie flags -

Privacy Flags
http://msdn2.microsoft.com/en-us/library/ms537340.aspx

More cookie data info here:

Privacy Reference Documentation
http://msdn2.microsoft.com/en-us/library/ms537322.aspx


--

Jon Kennedy, MS MVP/IE
Charlotte, NC, USA
(E-Mail Removed)


"Jason Kendall" <Jason (E-Mail Removed)> wrote in message
news:F013656D-A9AE-4819-B456-(E-Mail Removed)...
> I've been tasked with attempting to find out the what the "flags" details
> indicate on IE cookie files. The only information I've been able to gather
> is
> that 0x0001 bit indicates a secure connection cookie.
>
> Other flags I have seen is 1536 and 1600. Is there some details as to that
> the flags indicate?
>
> Regards,
> Jason Kendall

That was very good information - But I fail to see how one can achieve a
value of 1600 with the flags listed there. Privacy starts at 10000 (High
order Bits) and the max value assuming all flags were somehow activated in
the low order bits (which as far as I can see should never happen) was (dec)
63.

Are there more flags not listed?

Regards,
Jason Kendall

"Jon Kennedy" wrote:

> Cookie flags -
>
> Privacy Flags
> http://msdn2.microsoft.com/en-us/library/ms537340.aspx
>
> More cookie data info here:
>
> Privacy Reference Documentation
> http://msdn2.microsoft.com/en-us/library/ms537322.aspx
>
>
> --
>
> Jon Kennedy, MS MVP/IE
> Charlotte, NC, USA
> (E-Mail Removed)
>
>
> "Jason Kendall" <Jason (E-Mail Removed)> wrote in message
> news:F013656D-A9AE-4819-B456-(E-Mail Removed)...
> > I've been tasked with attempting to find out the what the "flags" details
> > indicate on IE cookie files. The only information I've been able to gather
> > is
> > that 0x0001 bit indicates a secure connection cookie.
> >
> > Other flags I have seen is 1536 and 1600. Is there some details as to that
> > the flags indicate?
> >
> > Regards,
> > Jason Kendall
>
>
>

There are Win API flags, but I don't know if they work with cookies:
http://msdn2.microsoft.com/en-us/library/aa383661.aspx
And there's these:
http://msdn2.microsoft.com/en-us/library/aa385351.aspx
If this isn't what you are looking for, search here:
http://msdn2.microsoft.com/en-us/default.aspx
--

Jon Kennedy, MS MVP/IE
Charlotte, NC, USA
(E-Mail Removed)


"Jason Kendall" <Jason (E-Mail Removed)> wrote in message
news:FB41B9C7-A705-48E8-8ED8-(E-Mail Removed)...
> That was very good information - But I fail to see how one can achieve a
> value of 1600 with the flags listed there. Privacy starts at 10000 (High
> order Bits) and the max value assuming all flags were somehow activated in
> the low order bits (which as far as I can see should never happen) was
> (dec)
> 63.
>
> Are there more flags not listed?
>
> Regards,
> Jason Kendall
>
> "Jon Kennedy" wrote:
>
>> Cookie flags -
>>
>> Privacy Flags
>> http://msdn2.microsoft.com/en-us/library/ms537340.aspx
>>
>> More cookie data info here:
>>
>> Privacy Reference Documentation
>> http://msdn2.microsoft.com/en-us/library/ms537322.aspx
>>
>>
>> --
>>
>> Jon Kennedy, MS MVP/IE
>> Charlotte, NC, USA
>> (E-Mail Removed)
>>
>>
>> "Jason Kendall" <Jason (E-Mail Removed)> wrote in
>> message
>> news:F013656D-A9AE-4819-B456-(E-Mail Removed)...
>> > I've been tasked with attempting to find out the what the "flags"
>> > details
>> > indicate on IE cookie files. The only information I've been able to
>> > gather
>> > is
>> > that 0x0001 bit indicates a secure connection cookie.
>> >
>> > Other flags I have seen is 1536 and 1600. Is there some details as to
>> > that
>> > the flags indicate?
>> >
>> > Regards,
>> > Jason Kendall
>>
>>
>>

"Jason Kendall" <Jason (E-Mail Removed)> wrote in message
news:F013656D-A9AE-4819-B456-(E-Mail Removed)...
> I've been tasked with attempting to find out the what the "flags" details
> indicate on IE cookie files. The only information I've been able to gather is
> that 0x0001 bit indicates a secure connection cookie.
>
> Other flags I have seen is 1536 and 1600.


Where?


> Is there some details as to that the flags indicate?


1536 == 0x600 (2 bits set) 1600 == 0x640 (3 bits set)


---

Robert;

You asked where - Specifically in any of the cookie files IE creates in your
profile. Example follows:

RMID
c660b2214715fa00
securityfocus.com/
1536
3567004032
30124358
3579314800
29888700
*
__utma
33565859.188073867.1192625660.1192625660.1192625660.1
securityfocus.com/
1600
2350186496
32111674
3580404800
29888700
*
__utmb
33565859
securityfocus.com/
1600
105208320
29888705
3580404800
29888700
*
__utmz
33565859.1192625660.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none)
securityfocus.com/
1600
2445706752
29925413
3581494800
29888700
*

You'll note the structure: name, value, URL, FLAGS, and the rest relate to
creation/expire times. Here you can see the flags 1600 and 1536 are both
represented.

On further thinking, I was wondering if there was some BIT reversal
happening, however that doesn't seem to fit either.

You concept given is one I did not think of, however, that doesn't seem to
fit the available data.

Any other suggestions on decoding these flags?


"Robert Aldwinckle" wrote:

> "Jason Kendall" <Jason (E-Mail Removed)> wrote in message
> news:F013656D-A9AE-4819-B456-(E-Mail Removed)...
> > I've been tasked with attempting to find out the what the "flags" details
> > indicate on IE cookie files. The only information I've been able to gather is
> > that 0x0001 bit indicates a secure connection cookie.
> >
> > Other flags I have seen is 1536 and 1600.
>
>
> Where?
>
>
> > Is there some details as to that the flags indicate?
>
>
> 1536 == 0x600 (2 bits set) 1600 == 0x640 (3 bits set)
>
>
> ---
>
>
>