Thursday, August 27, 2009

Why are my HTTP cookies rejected by IE?

One of our customers had a problem with HTTP session management on his Java Web Server when using IE. It worked fine with FireFox.

We saw that the server returned a session ID cookie, but the session ID was not sent by IE in the following HTTP requests.

I found out that cookies are blocked in IE if the server name contains characters that are not supported by Domain Name System (DNS). For example, you cannot use underscore characters (_) in the server name. This behavior is by design.

This issue is mostly relevant for Intranet sites; most DNS systems will prohibit use of underscores in hostnames due to the LDH rule.

No comments:

Post a Comment