Any way to read a secure cookie?

[denoxis]

Hi,

I have this e-commerce site. I have been writing customer IDs to a cookie, so I can help those people to log in easier. However, I have written the cookies on the secure side with secure property set to True. Therefore I can only read them from the secure side (HTTPS). Now I also want to read them from the non-secure side (the domain name is the same). I couldn't do it whatever I try. The last workaround I tried was calling the read_cookie.asp from the secure side via XMLHTTP:

read_cookie.asp
---------------
the_id = request.cookies("the_id&quot
response.write the_id


show_cookie.asp
---------------
Dim objXMLHTTP, xml
Set xml = Server.CreateObject("Microsoft.XMLHTTP&quot
xml.Open "GET", "

https://xxxxxxxxx/read_cookie.asp",

False
xml.Send
Response.Write xml.responseText
Set xml = Nothing

https://xxxxxxxxx/read_cookie.asp

--> Works

http://xxxxxxxxx/show_cookie.asp

--> Doesn't work

https://xxxxxxxxx/show_cookie.asp

--> Doesn't work

Are there any other workarounds to read a secure cookie from the non-secure side of the same web site?

Thanks.

 

[lebisol]

how about u turn that cookie into a session variable-ones u grab it at the page that does work?!
just a though..I have a very little knowledge of cookies...
All the best!

> need more info?
:: don't click HERE ::

 

[denoxis]

I can change the code like that, but I will have to wait for all the customers to login again.

 

[lebisol]

again I am just giving out ideas (not enough experience here):
-user loggs in (session variable= userID) and then later create another (the same cookie) from this session. ones the user is logged in u can keep the session var as long as u want (or set it to) andperhaps with some hidden fields/text submits or whatever u can generate this cookie?no?
well, I hope it "triggers" something
all the best!

> need more info?
:: don't click HERE ::