-
ASP Cookie Checking?
Lo oh knowlegable peeps :)
We're thinking of installing a commission type thing for banner adverts on the company website, paying commission on every sucessful holiday booking referred to us by these banner ads..
However, the integration of the tracking code requires us to send this company *every* order number and sale total regardless whether it orignated from them or not, with us relying on them to filter out which sales apply to them, and which that don't.
Obviously we don't really want to be sending them details of everything we do, so I was thinking of implementing a script to check for the existence of this tracking cookie, and if so, insert the tracking code..
I know I can do a request.cookies statement, but how do I tell it which cookie to check for? I've looked through the temporary internet files directory and found the referral cookie, but how do I know which part of it is actually the cookie's name, and which bits are the "key" ?
-
Not sure how it works in ASP but cookies are generally passed as an array with the key being the cookie name and the value being the cookie value so
cookie[hexus.net]=username
where hexus.net is the key and username is the value
-
here's an example cookie if it helps:
Code:
LCLK
cjo!w5wr-f13zm83
emjcd.com/
1024
3832854656
30061089
360625952
29693963
*
S
8uvf9u-509750687-1108986197370-xq
emjcd.com/
1024
3832854656
30061089
360625952
29693963
*
-
Isn't cross-site cookie access usually blocked, for security reasons?
If a client visits www.somesite.com and a cookie is created (username@www.somesite.com.txt), then a redirection occurs and the user ends up at www.someothersite.co.uk, the client will only look for a cookie called username@www.someothersite.co.uk.txt ?
Disclaimer:
I am not presenting this as fact, my knowledge of cookies is very slim, and I've only used cookies in ASP to store autologin and country/time offset details for a games forum I was running a couple of years ago.
The reason I think it is like this is that a site could request cookies for well-known bank sites, auction sites, games sites (for example) and read information from them to post back to the dodgy server... but maybe I'm wrong and there is a better "permission" system for cookies to trust 3rd party sites?
-
as Paul said cookies are only viewable by the generating site for security reasons.
Just FYI, in the example you've got, LCLK and S are the keys, and 'cjo!w5wr-f13zm83' and '8uvf9u-509750687-1108986197370-xq' are the values. emjcd.com is the generating site, and the other values are just generated for maintenance - max key length and datestamps IIRC.
-
ahh bugger.
Thanks anyway guys :)