Why won't asp.net create cookies in localhost?

46
votes

Okay, this is really kinda starting to bug me. I have a simple Web project setup located at: "C:\Projects\MyTestProject\". In IIS on my machine, I have mapped a virtual directory to this location so I can run my sites locally (I understand I can run it from Visual Studio, I like this method better). I have named this virtual directory "mtp" and I access it via http://localhost/mtp/index.aspx. All this is working fine.

However, whenever I try to create a cookie, it simply never gets written out? I've tried this in FF3 and IE7 and it just plain won't write the cookie out. I don't get it. I do have "127.0.0.1 localhost" in my hosts file, I can't really think of anything else I can do. Thanks for any advice.

James

3
cookieslocalhost
What are you using to check for the existence of the cookie?John Sheehan
Could you provide a sample code for the cookie creation part?Darin Dimitrov
Sample code is really required here.Peter Oehlert
@James, consider marking the correct answer. Thanks.Sire
Possible duplicate of stackoverflow.com/questions/1134290/…john ktejik

3 Answers

95
votes

The cookie specs require two names and a dot between, so your cookiedomain cannot be "localhost". Here's how I solved it:

  1. Add this to your %WINDIR%\System32\drivers\etc\hosts file: 127.0.0.1 dev.livesite.com

  2. When developing you use http://dev.livesite.com instead of http://localhost

  3. Use ".livesite.com" as cookiedomain (with a dot in the beginning) when creating the cookie. Modern browsers doesn't require a leading dot anymore, but you may want to use anyway for backwards compability.

  4. Now it works on all sites:

16
votes

Since an answer has never been chosen, I suppose I can still throw something else out there.

One reason you can run into no cookies being written with an application running under localhost is the httpCookies setting in the web.config. If the domain attribute was set to a specific domain and you run under localhost, the cookies did not get written for me.

Remove the domain attribute in development and the cookies are written:

<!-- Development -->
<httpCookies httpOnlyCookies="true" requireSSL="false" />
<!-- Production -->
<!--<httpCookies domain=".domain.com" httpOnlyCookies="true" requireSSL="true" />-->
0
votes

Are you assigning an expiration date to the cookie? By default, the cookie will expire when the browser session expires, meaning it won't write anything to disk.