|
#1
11-19-2007, 01:50 AM
|
|||
|
|||
|
cookie problem in VB.net
hello,
I am writing the Following coding for preventing Session Fixation attack in ASP.Net website, but I could not retrieve the cookie added and the value of cookie_value remains blank. Code:
Imports System.Web.UI.WebControls
Imports System.Web.HttpResponse
Imports System.Security.Cryptography
Public Class AntiFixation
Inherits System.Web.UI.Page
#Region " Web Form Designer Generated Code "
'This call is required by the Web Form Designer.
<System.Diagnostics.DebuggerStepThrough()> Private Sub
InitializeComponent()
End Sub
Protected WithEvents TextBox1 As System.Web.UI.WebControls.TextBox
'NOTE: The following placeholder declaration is required by the Web Form
Designer.
'Do not delete or move it.
Private designerPlaceholderDeclaration As System.Object
Private Sub Page_Init(ByVal sender As System.Object, ByVal e As
System.EventArgs) Handles MyBase.Init
'CODEGEN: This method call is required by the Web Form Designer
'Do not modify it using the code editor.
InitializeComponent()
End Sub
#End Region
Private Sub Page_Load(ByVal sender As System.Object, ByVal e As
System.EventArgs) Handles MyBase.Load
'Put user code to initialize the page here
End Sub
Private Function RandomString(ByVal l)
Dim value, i, r
Randomize()
For i = 0 To l
r = Int(Rnd * 62)
If r < 10 Then
r = r + 48
ElseIf r < 36 Then
r = (r - 10) + 65
Else
r = (r - 10 - 26) + 97
End If
value = value & Chr(r)
Next
RandomString = value
End Function
' This routine should be called after the user has been authenticated.
' It is expected that the session has been invalidated prior to this call.
Public Sub AntiFixationInit()
Dim value
value = RandomString(10)
Dim cookie1 As HttpCookie
cookie1 = New HttpCookie("CLoginSessionID", value)
cookie1.Path = "some path given
cookie1.Value = value
HttpContext.Current.Response.Cookies.Add(cookie1)
Session("LoginSessionID") = value
End Sub
Public Sub AntiFixationVerify(ByVal LoginPage)
Dim session_value
Dim cookie_value as HttpCookie
If (Not (cookie_value Is Nothing)) Then
cookie_value =
HttpContext.Current.Request.Cookies("CLoginSessionID")
Session("cooki") = cookie_value.values
Dim val
If (Not (cookie_value Is Nothing)) Then
val = cookie_value
End If
End If
session_value = Session("LoginSessionID")
If (Not (HttpContext.Current.Request.Cookies("CLoginSessionID") Is
Nothing)) Then
If Trim(cookie_value) <> Trim(session_value) Then
HttpContext.Current.Response.Redirect(LoginPage)
End If
End If
End Sub
End Class
Please help me , how to get the value of cookie - cookie_value Thank you Last edited by Hack; 11-19-2007 at 08:07 AM. Reason: Added Code Tags 
|
|
#2
11-19-2007, 08:08 AM
|
||||
|
||||
|
Welcome to DevX
 I edited your post and added [code]your code goes here[/code] tags. As you can see, it makes reading posted code so much easier.  My first question would be are you certain the cookie is not empty to begin with?
__________________
I don't answer coding questions via PM or Email. Please post a thread in the appropriate forum section. Please use [Code]your code goes in here[/Code] tags when posting code. Before posting your question, did you look here? Got a question on Linux? Visit our Linux sister site. Modifications Required For VB6 Apps To Work On Vista  Microsoft MVP 2005/2006/2007/2008/2009
|
 |
| Bookmarks |
«
Previous Thread
|
Next Thread
»
| Thread Tools | Search this Thread |
| Display Modes | Rate This Thread |
Linear Mode
|
|
Similar Threads
|
||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| vb.net Publishing Problem | Chris Yard | .NET | 4 | 09-19-2007 09:47 AM |
| VB6 to VB.Net " FileGet" conversion problem | Mr. Wok | .NET | 8 | 01-25-2007 09:45 AM |
| VB.NET XSLT conversion problem with character refrences | Michael | .NET | 0 | 12-11-2002 06:05 AM |
| httpcookie problem | AAnthony | .NET | 0 | 06-11-2001 06:32 AM |
| array declarations in VB.NET | Bill McCarthy | .NET | 14 | 04-10-2001 06:03 AM |
All times are GMT -4. The time now is 10:34 AM.