Unique Way to Detect if Cookies are set - opinions?

[Victor]

I was thinking about an easy to determine if cookies are set or not in ASP. I began
thinking about how the Session ID is dependent upon a cookie - right?

Well, I disabled cookies in Firefox and then loaded a webpage that displayed
Session.SessionID. Viola, I got one! And then, I reloaded the page. And then, I noticed
that the SessionID incremented by one!

This still isn't yet a one-page method of detecting if cookies are enabled or not (like
BrowserHawk does), but are there any possibilities here?

Vic

 

[Mike Brind]

I was thinking about an easy to determine if cookies are set or not in ASP.
I began
thinking about how the Session ID is dependent upon a cookie - right?

Well, I disabled cookies in Firefox and then loaded a webpage that
displayed
Session.SessionID. Viola, I got one! And then, I reloaded the page. And
then, I noticed
that the SessionID incremented by one!

This still isn't yet a one-page method of detecting if cookies are enabled
or not (like
BrowserHawk does), but are there any possibilities here?

http://classicasp.aspfaq.com/general/how-do-i-detect-enabled-cookies/javascript.html

 

[Daniel Crichton]

Victor wrote on Mon, 23 Oct 2006 15:50:53 -0400:

I was thinking about an easy to determine if cookies are set or not in
ASP. I began thinking about how the Session ID is dependent upon a cookie
- right?

Well, I disabled cookies in Firefox and then loaded a webpage that
displayed Session.SessionID. Viola, I got one! And then, I reloaded the
page. And then, I noticed that the SessionID incremented by one!

This still isn't yet a one-page method of detecting if cookies are enabled
or not (like BrowserHawk does), but are there any possibilities here?

Vic

You can't do it in a one-page method - with ASP, everything is executed
before being sent to the client. How do you know if the page is the first
one being loaded by the browser or not? You could check the referer to see
if it's from another page on your own site, but that won't always be
reliable (referer could be empty due to being removed by an intermediate
proxy for instance).

All the SessionID incrementing tells you is that a new Session ID was
generated because no Session ID cookie was passed into the page. This will
happen when cookies are disabled, or the page is the first one loaded by the
browser on your site, or the application pool has just been recycled and all
Sessions have been cleared, or the previous Session ID cookie has expired.
(the last two examples would however still have Session ID cookies being
sent by the browser, but I seem to remember they can't be read by an ASP
page anyway because IIS removes them from the Cookie header before the ASP
page is processed).

Dan

 

[Evertjan.]

Victor wrote on 23 okt 2006 in microsoft.public.inetserver.asp.general:

This still isn't yet a one-page method of detecting if cookies are
enabled or not (like BrowserHawk does), but are there any
possibilities here?

The session cookie [and other cookies] being set can only be detected
serverside on the second pass of your requested one-page:

<%@ Language=VBScript %>
<% Response.Expires = -100 %>
<%
if session("yes")="yes" then
%>
Session cookie was set
<%
elseif request.form("time")="first" then
%>
Session cookie seems UNsettable
<%
else
session("yes")="yes"
%>
<form>
<input type='hidden' name='time' value='first'>
<input type='submit' value='Press me please.'>
</form>
<%
end if
%>