How AuthFilter Verifies Cookies
AuthFilter performs the following steps to check whether the client browser supports cookies:
- It sends a redirect to the browser while setting a cookie and setting a querystring flag. If the cookie comes back with the redirected query and querystring flag, then AuthFilter knows the browser supports cookies.
- If the browser does not support cookies, the redirected query returns without the cookie. AuthFilter detects the querystring flag (which is always returned) and redirects the browser to the Nocookie.asp page.
- This check only occurs at the beginning of a session when no cookie has been set and the user has not logged in.
Copyright © 2005 Microsoft Corporation.
All rights reserved.