> Using ASP/VBScript, I need to set a cookie on a given site that will be
> readable only by the home page of that site.  (It's a somewhat large
> cookie, I don't want the IIS logs filling up with copies of it alongside
> every single page-hit on the site, and the only page that I need able to
> read it is the site home page.)  Sounds simple enough.  The site's default
> document is default.asp, so the home page is /default.asp.  So I set

>     Response.Cookies("CookieName").Path = "/default.asp"

> (along with the value and expiration settings for the same cookie).  I can
> see the cookie is being set via my IE5 cookie-alert dialogs and looking at
> the cookie files, and it appears correct from those.

> The problem comes when a user hits this site via the domain name alone --
> say http://www.my.site.com/ -- which is probably a/the typical manner in
> which a user will hit the site's home page.  In this case, the ASP code
> reads Request.Cookies("CookieName") as a blank string, suggesting that the
> browser did not send the cookie.  Alternately, if I hit the home page more
> explicitly -- such as with http://www.my.site.com/default.asp -- then the
> cookie is detected just fine.

> I'd guess that the cookie, being targetted to a path of "/default.asp",
> simply isn't being sent by the browser to anything else, including the
> root ("/") which the browser has no way of knowing defaults to
> "/default.asp" on this server.  I can change the path setting on the
> cookie to the root ("/") to fix this, but then it'll send to *all* pages
> on the site, and fill up my IIS logs.  (It's a large and busy site, with
> already large log files.)

> I thought of having the home page detect when the path being hit is "/" as
> opposed to "/default.asp" and redirecting onto "/default.asp", but I don't
> see an easy way for the ASP to do such a detection -- nothing in
> Request.ServerVariables seems to fit the bill.  (An ISAPI filter might be
> able to do it, but that's more trouble than I was hoping to go to.)

> Anyone have any ideas?

> - Thomas Kiefer

> http://msdn.microsoft.com/library/psdk/iisref/glob6t84.htm

> Ton Lok

> > Here's a simple-sounding but non-obvious problem I'm running
across....

> > Using ASP/VBScript, I need to set a cookie on a given site that will
be
> > readable only by the home page of that site.  (It's a somewhat large
> > cookie, I don't want the IIS logs filling up with copies of it
alongside
> > every single page-hit on the site, and the only page that I need able
to
> > read it is the site home page.)  Sounds simple enough.  The site's
default
> > document is default.asp, so the home page is /default.asp.  So I set

> >     Response.Cookies("CookieName").Path = "/default.asp"

> > (along with the value and expiration settings for the same cookie).  I
can
> > see the cookie is being set via my IE5 cookie-alert dialogs and
looking at
> > the cookie files, and it appears correct from those.

> > The problem comes when a user hits this site via the domain name
alone --
> > say http://www.my.site.com/ -- which is probably a/the typical manner
in
> > which a user will hit the site's home page.  In this case, the ASP
code
> > reads Request.Cookies("CookieName") as a blank string, suggesting that
the
> > browser did not send the cookie.  Alternately, if I hit the home page
more
> > explicitly -- such as with http://www.my.site.com/default.asp -- then
the
> > cookie is detected just fine.

> > I'd guess that the cookie, being targetted to a path of
"/default.asp",
> > simply isn't being sent by the browser to anything else, including the
> > root ("/") which the browser has no way of knowing defaults to
> > "/default.asp" on this server.  I can change the path setting on the
> > cookie to the root ("/") to fix this, but then it'll send to *all*
pages
> > on the site, and fill up my IIS logs.  (It's a large and busy site,
with
> > already large log files.)

> > I thought of having the home page detect when the path being hit is
"/" as
> > opposed to "/default.asp" and redirecting onto "/default.asp", but I
don't
> > see an easy way for the ASP to do such a detection -- nothing in
> > Request.ServerVariables seems to fit the bill.  (An ISAPI filter might
be
> > able to do it, but that's more trouble than I was hoping to go to.)

> > Anyone have any ideas?

> > - Thomas Kiefer

Posted At: 18 January 2001 23:27
Posted To: vbscript
Conversation: cookie's path set to home page
Subject: Re: cookie's path set to home page

Thanks, but... I don't see how that would apply.  :-(

Also, our sites have IIS Session state turned off, due to the drag it
creates on such high-load sites.

- Thomas Kiefer

> If I understand it correctly, you need the information on this page:

> http://msdn.microsoft.com/library/psdk/iisref/glob6t84.htm

> Ton Lok

> > Here's a simple-sounding but non-obvious problem I'm running
across....

> > Using ASP/VBScript, I need to set a cookie on a given site that will
be
> > readable only by the home page of that site.  (It's a somewhat large
> > cookie, I don't want the IIS logs filling up with copies of it
alongside
> > every single page-hit on the site, and the only page that I need
able
to
> > read it is the site home page.)  Sounds simple enough.  The site's
default
> > document is default.asp, so the home page is /default.asp.  So I set

> >     Response.Cookies("CookieName").Path = "/default.asp"

> > (along with the value and expiration settings for the same cookie).
I
can
> > see the cookie is being set via my IE5 cookie-alert dialogs and
looking at
> > the cookie files, and it appears correct from those.

> > The problem comes when a user hits this site via the domain name
alone --
> > say http://www.my.site.com/ -- which is probably a/the typical
manner
in
> > which a user will hit the site's home page.  In this case, the ASP
code
> > reads Request.Cookies("CookieName") as a blank string, suggesting
that
the
> > browser did not send the cookie.  Alternately, if I hit the home
page
more
> > explicitly -- such as with http://www.my.site.com/default.asp --
then
the
> > cookie is detected just fine.

> > I'd guess that the cookie, being targetted to a path of
"/default.asp",
> > simply isn't being sent by the browser to anything else, including
the
> > root ("/") which the browser has no way of knowing defaults to
> > "/default.asp" on this server.  I can change the path setting on the
> > cookie to the root ("/") to fix this, but then it'll send to *all*
pages
> > on the site, and fill up my IIS logs.  (It's a large and busy site,
with
> > already large log files.)

> > I thought of having the home page detect when the path being hit is
"/" as
> > opposed to "/default.asp" and redirecting onto "/default.asp", but I
don't
> > see an easy way for the ASP to do such a detection -- nothing in
> > Request.ServerVariables seems to fit the bill.  (An ISAPI filter
might
be
> > able to do it, but that's more trouble than I was hoping to go to.)

> > Anyone have any ideas?

> > - Thomas Kiefer

> You could make your www.domain.com/default.asp consist of one redirect
> line...

> i.e. Response.Redirect("/home.asp") 'Or to some other not used script
> name site wide

> Then set your cookie's path:

> Cookies("CookieName").Path = "/home.asp"

> The cookie will then definitely be exclusive. I just tested this with
> II5 and it works OK.

> Simon Allen

> > > Using ASP/VBScript, I need to set a cookie on a given site that will
> be
> > > readable only by the home page of that site.  (It's a somewhat large
> > > cookie, I don't want the IIS logs filling up with copies of it
> alongside
> > > every single page-hit on the site, and the only page that I need
> able
> to
> > > read it is the site home page.)  Sounds simple enough.  The site's
> default
> > > document is default.asp, so the home page is /default.asp.  So I set

> > >     Response.Cookies("CookieName").Path = "/default.asp"

> > > (along with the value and expiration settings for the same cookie).
> I
> can
> > > see the cookie is being set via my IE5 cookie-alert dialogs and
> looking at
> > > the cookie files, and it appears correct from those.

> > > The problem comes when a user hits this site via the domain name
> alone --
> > > say http://www.my.site.com/ -- which is probably a/the typical
> manner
> in
> > > which a user will hit the site's home page.  In this case, the ASP
> code
> > > reads Request.Cookies("CookieName") as a blank string, suggesting
> that
> the
> > > browser did not send the cookie.  Alternately, if I hit the home
> page
> more
> > > explicitly -- such as with http://www.my.site.com/default.asp --
> then
> the
> > > cookie is detected just fine.

> > > I'd guess that the cookie, being targetted to a path of
> "/default.asp",
> > > simply isn't being sent by the browser to anything else, including
> the
> > > root ("/") which the browser has no way of knowing defaults to
> > > "/default.asp" on this server.  I can change the path setting on the
> > > cookie to the root ("/") to fix this, but then it'll send to *all*
> pages
> > > on the site, and fill up my IIS logs.  (It's a large and busy site,
> with
> > > already large log files.)

> > > I thought of having the home page detect when the path being hit is
> "/" as
> > > opposed to "/default.asp" and redirecting onto "/default.asp", but I
> don't
> > > see an easy way for the ASP to do such a detection -- nothing in
> > > Request.ServerVariables seems to fit the bill.  (An ISAPI filter
> might
> be
> > > able to do it, but that's more trouble than I was hoping to go to.)

> > > Anyone have any ideas?

> > > - Thomas Kiefer