Microsoft KB Archive/275033

= Cookies Are Not Saved If the Host Name Is Invalid =

Article ID: 275033

Article Last Modified on 10/29/2003

-

APPLIES TO


 * Microsoft Internet Explorer 5.5
 * Microsoft Internet Explorer 5.01

-



This article was previously published under Q275033



SYMPTOMS
After you install Internet Explorer 5.01 Service Pack 1 (SP1), cookies are not saved when you connect to a site such as:

http://test_server. .com



CAUSE
You cannot connect to the site because of a security enhancement that is documented in the following Microsoft Knowledge Base article:

258430 Web Site May Retrieve Cookies from Your Computer

This change strictly enforces the domain name restrictions as defined in the Request for Comments (RFC) documents to prevent malicious Web sites from accessing cookies from another site. Cookies are also rejected if the domain that is specified by the cookie header does not contain at least one embedded period or if the domain is not a suffix of the document's domain.

Cookies are accepted if the path that is specified in the set cookie header is a prefix of the document's path and the domain that is specified in the set cookie header.

Cookies are also rejected if the expire time has passed.



RESOLUTION
If your host name contains an invalid character such as &quot;_&quot; you need to gain access to the site by using the IP address instead of the name, or change the host name to a valid name.

If the host name is valid, correct any of the other conditions that are described in the &quot;Cause&quot; section.



STATUS
This behavior is by design.

Keywords: kbenv kbprb KB275033

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.