Этот сайт имеет ограниченную функциональность, пока мы проводим техническое обслуживание для улучшения его работы. Если какая-либо статья не решила вашу проблему и вы хотите задать вопрос, наше сообщество поддержки ждёт вас: @FirefoxSupport в Твиттере и /r/firefox на Reddit.

Поиск в Поддержке

Избегайте мошенников, выдающих себя за службу поддержки. Мы никогда не попросим вас позвонить, отправить текстовое сообщение или поделиться личной информацией. Сообщайте о подозрительной активности, используя функцию «Пожаловаться».

Подробнее

Why are cookies not updated in the request when meta refresh is used?

  • 1 ответ
  • 5 имеют эту проблему
  • 9 просмотров
  • Последний ответ от jimberg98

more options

I've written a web site that uses IIS Forms Authentication. It's configured to use authentication tickets with a sliding expiration. FireFox allows the ticket to expire while it works fine with Internet Explorer.

The web site uses a Keep Alive page that uses the meta refresh tag to periodically post back to the server to keep authenticated. This is done because some users have a need to use another web site that does not run in IIS and we don't want their authentication to time out while they are there.

I used Fiddler to monitor the requests and responses and found that when IIS sends the updated cookie with the authentication ticket containing the revised expiration date, the cookie appears to be accepted by FireFox (according to CookieSafe as recorded in the error console Ctrl-shift-J). When the meta refresh occurs, the browser sends the original request with the obsolete cookie. This keeps occurring until the expiration time is up on the ticket. IIS keeps sending new cookies but they seem to be ignored. IE, on the other hand, accepts the cookie and you see it in the next request for the keep alive page.

I figure it might be related to caching, but I think I disabled that and it still does it. I'm going to try adding a random code to the KeepAlive url but I can't see why that should matter. Why wouldn't FireFox send the cookies as the values are set? I'm hoping this can be fixed with a simple config change.

I've written a web site that uses IIS Forms Authentication. It's configured to use authentication tickets with a sliding expiration. FireFox allows the ticket to expire while it works fine with Internet Explorer. The web site uses a Keep Alive page that uses the meta refresh tag to periodically post back to the server to keep authenticated. This is done because some users have a need to use another web site that does not run in IIS and we don't want their authentication to time out while they are there. I used Fiddler to monitor the requests and responses and found that when IIS sends the updated cookie with the authentication ticket containing the revised expiration date, the cookie appears to be accepted by FireFox (according to CookieSafe as recorded in the error console Ctrl-shift-J). When the meta refresh occurs, the browser sends the original request with the obsolete cookie. This keeps occurring until the expiration time is up on the ticket. IIS keeps sending new cookies but they seem to be ignored. IE, on the other hand, accepts the cookie and you see it in the next request for the keep alive page. I figure it might be related to caching, but I think I disabled that and it still does it. I'm going to try adding a random code to the KeepAlive url but I can't see why that should matter. Why wouldn't FireFox send the cookies as the values are set? I'm hoping this can be fixed with a simple config change.

Все ответы (1)

more options

I was able to figure out what the problem was. The initial authentication cookie had a blank cookie domain while the new cookies that IIS would try to reissue had a domain name. IE doesn't seem to care but FireFox did. FireFox should have logged an error but instead said it was accepted.

My app works as it's supposed to now.