Frustrating Internet Explorer cookie bug (with fix!)

[Seth Brundle]

I run a website which uses cookie authentication.

Over the past year, I have recieved numerous complaints from users who
cannot login to the site. They just get the login page over and over
again, as if we are not recieving the cookie.

We ask them to try lowering their cookie security to default, but most
are at default. I have searched the KnowledgeBase and Google Groups
for a solution, tried them all, found none.

The only users affected are using Internet Explorer, various versions
(including the latest). Mozilla Firefox at least is unaffected, I
havent tried others yet.

We have never been able to reproduce it, and wrote it off as
third-party software interference, or compromised systems. We receive
complaints from about 1 in 1000 users.

Recently, one of our users had this problem and figured out the
solution himself.

The problem is with users whose windows clock is misset in the future.
If the clock is set in the future, the cookie is not sent back to the
server.

This bug does not affect all websites using cookies. For example, I
could not reproduce it with Amazon or NetFlix. However, Google Groups
and Gamespot are affected.

Now, how do we get this into the KnowledgeBase?????

 

[Guest]

cookies suck!!!!!!!!!!!!!!!!!


how to get things into the knowledge bas? just send about
100 letters to various microsoft departments.