RoboHelp 9 - Enabling the cookie secure flag

Similar Messages

• I have troubles enabling the cookies, even though I never disabled them, thus I cannot log into my GMAIL account for over two weeks now. What should I do?

  I cannot log into my gmail or facebook account, because it says: cookies are disabled, enable cookies to continue. I tried changing my settings in Firefox - Options - Settings - Privacy - Use custom settings. I did exactly what I was advised in the Firefox Help online, enabled everything, then clicked OK. Didnt work. Tried it again and I only found that the settings (custom settings - enabled everything) were not even saved. I am not able to save these custom settings any way, it never saves them no matter how many times I try and click ok, I come back to the setting to find that they are not there. So I tried clearing all the cookies and cache in history (also found this online in firefox support site), guess what? DIDNT WORK. I am starting to be a little bit pissed off as I cannot log into my gmail or facebook account for over two weeks now! Any time I need to check e-mails I have to use someones laptop.

  If the cookies are enabled in Firefox and you still have problems then you may have security software that is blocking cookies.
  Try to boot the computer in Windows Safe mode with network support (press F8 on the boot screen) as a test to see if that helps.
  If clearing cookies doesn't work then it is possible that the <i>cookies.sqlite</i> file that stores the cookies is corrupted.
  Rename (or delete) <b>cookies.sqlite</b> (cookies.sqlite.old) and delete other present cookie files like <b>cookies.sqlite-journal</b> in the Firefox Profile Folder in case the file cookies.sqlite got corrupted.
  *http://kb.mozillazine.org/Cookies
  *https://support.mozilla.org/kb/Deleting+cookies
  You can use this button to go to the Firefox profile folder:
  *Help > Troubleshooting Information > Profile Directory: Show Folder

• Why does the REQUIRED security flag allow the control flow inspite failure

  Hi,
  I have a small query regarding the security flags of for LoginModule(s).
  When a LoginModule is given a required flag, it allows the login mechanism to continue checking the other login modules. However, the overall login mechanism will fail even if one single module with the required flag has failed.
  Can someone help me understand why is it so. The only reason i can think of is to allow some sort of debugging.
  Thanks

  Thank you for your reply.  I changed the error handling as you suggested on the 2nd lookup to redirect to unmatched rows.  Now I get all greet.  I don't have the conditional split as in your diagram.  But also, nothing appears to have
  happened in the DB.  Aren't the rows in my text file supposed to be added to the FactCurrencyRate table?
  How do I get a conditional split?
  Rich P
  OK, sorry I forgot to reply you back.
  Conditional Split was just dummy task. Ignore it.
  Manipulate the data in such way that you get matching records.
  Inside Source, for first 2 rows I put the dates which are available in DimDate.
  1.00010001,ARS,7/1/2005 0:00,0.99960016
  1.00010001,ARS,2/5/2006 0:00,1.001001001
  1.00020004,ARS,9/5/2001 0:00,0.99990001
  1.00020004,ARS,9/6/2001 0:00,1.00040016
  1.00050025,ARS,9/7/2001 0:00,0.99990001
  1.00050025,ARS,9/8/2001 0:00,1.001001001
  Then in OLE DB Destination, I loaded the rows to TestFactTable.
  (Now, you don't even need NO MATCH OUTPUT as there are matching records here)
  Cheers,
  Vaibhav Chaudhari
  [MCTS],
  [MCP]

• "Error: Cookies are diabled. Please enable them and try again." Where do I go to find the cookies?

  When I go to Firefox, I get this message. "Error: Cookies are
  disabled. Please enable them and try again. Where do I go to enable the cookies?

  * Tools or Firefox > Options > Privacy > Firefox will: "Use custom settings for history" > Cookies
  Press F10 or press and hold the Alt key down to bring up the "Menu Bar" temporarily.
  * https://support.mozilla.com/kb/Cookies
  * https://support.mozilla.com/kb/Enabling+and+disabling+cookies

• My cookies & java script have become disabled. when I click on tools to try and re enable the option selection that is supposed to be at the bottom of the window is missing. what do I do ? I have a mac

  so since the option selection is not there I don't know how to enable the cookies and java script. so i cannot access aol or facebook. I went to your site and downloaded your newest version which i think is 4. in hopes that the option selection would appear in the tools. it did not. please help me with this as to how to fix it as I like firefox.

  Hi,
  Check in Add-ons to see if you have any toolbars installed:
  [[Uninstalling add-ons|Uninstalling add-ons]]
  Because the Ask Toolbar (a custom version I think) is sometimes installed (or offered to be installed) with other programs, such as Foxit Reader.
  Jack

• Enabling End Point Security

  I just want to throw this out here for comments.
  We have been running ZCM for about a year now with all other modules disabled. I'm about to enable End Point Security and wonder what and if there would be anything that will change on the client sides?
  I don't want to enable it and something unexpected happens?
  Any comments would be great.
  Thank you.

  My advice, use a phased approach.
  Enabling ZESM introduces some new features at the agent side. You need to be familiar with those before your users call you.
  Take a couple of machines, and enable the Endoint Security modules at the device level (Override settings inhereted from the Zone). This way, you can test on some machines first. You can also do this at folder level, if you have your devices organized hierarchically.
  Cheers,
  Daniel
  >>>
  From: odegos<[email protected]>
  To:novell.support.zenworks.endpoint-security-management
  Date: 10/12/2011 11:06 am
  Subject: Enabling End Point Security
  I just want to throw this out here for comments.
  We have been running ZCM for about a year now with all other modules
  disabled. I'm about to enable End Point Security and wonder what and if
  there would be anything that will change on the client sides?
  I don't want to enable it and something unexpected happens?
  Any comments would be great.
  Thank you.
  odegos
  odegos's Profile: http://forums.novell.com/member.php?userid=9850
  View this thread: http://forums.novell.com/showthread.php?t=446512

• Create the JSESSIONID cookie with the secure flag

  Hello,
  I wonder if it is possible, through UCM or Weblogic configurations, to automatically create the JSESSIONID cookie used when a user is logged on with the secure flag?
  I have not found any parameters so far that could allow this.
  Thanks in advance!

  We have public Websites running on UCM/SiteStudio which are only accessible through SSL by visitors. The aim is that every cookies should be secure to be sure that they are not transmitted in plain text to our server.
  We thus would like to find a way to put the secure flag on JSESSIONID to avoid any case of session hijacking.
  Thanks.
  Edited by: Leo-G on 17 juil. 2012 23:57

• How to Set up HTTPOnly and SECURE FLAG for session cookies

  Hi All,
  To fix some vulnerability issues (found in the ethical hacking , penetration testing) I need to set up the session cookies (CFID , CFTOKEN , JSESSIONID) with "HTTPOnly" (so not to access by other non HTTP APIs like Javascript). Also I need to set up a "secure flag" for those session cookies.
  I have found the below solutions.
  For setting up the HTTPOnly for the session cookies.
  1] In application.cfc we can do this by using the below code. Or we can do this in CF admin side under Server Settings » Memory Variables
       this.sessioncookie.httponly = true;
  For setting up the secure flag for the session cookies.
  2] In application.cfc we can do this by using the below code. Or we can do this in CF admin side under Server Settings » Memory Variables
       this.sessioncookie.secure = "true"
  Here my question is how we can do the same thing in Application.cfm?. (I am using ColdFusion version 10). I know we can do this using the below code , incase of HTTPOnly (for example).
  <cfapplication setclientcookies="false" sessionmanagement="true" name="test">
  <cfif NOT IsDefined("cookie.cfid") OR NOT IsDefined("cookie.cftoken") OR cookie.cftoken IS NOT session.CFToken>
    <cfheader name="Set-Cookie" value="CFID=#session.CFID#;path=/;HTTPOnly">
    <cfheader name="Set-Cookie" value="CFTOKEN=#session.CFTOKEN#;path=/;HTTPOnly">
  </cfif>
  But in the above code "setclientcookies" has been set to "false". In my application (it is an existing application) this has already been set to "true". If I change this to "false" as mentioned in the above code then ColdFusion will not automatically send CFID and CFTOKEN cookies to client browser and we need to manually code CFID and CFTOKEN on the URL for every page that uses Session. Right???. And this will be headache.Right???. Or any other way to do this.
  Your timely help is well appreciated.
  Thanks in advance.

  BKBK wrote:
  Abdul L Koyappayil wrote:
  BKBK wrote:
  You can switch httponly / secure on and off, as we have done, for CFID and CFToken. However, Tomcat automatically switches JsessionID to 'secure' when it detects that the protocol is secure, that is, HTTPS.
  I couldnt understand this. I mean how are you relating this with my question.
  When Tomcat detects that the communication protocol is secure (that is, HTTPS), it automatically switches on the 'secure' flag for the J2EE session cookie, JsessionID. Tomcat is configured to do that. Coldfusion has no say in it. So, for JsessionID, 'secure' is automatically set to 'false' when HTTP is detected and automatically set to 'true' when HTTPS is detected.
       If this is the case then why I am getting below info for jsessionid (As you mentioned it should set with SECURE flag . Right???). Note that we are using web server - Apache vFabric .And the application that we are using is in https and there is no hit is going from https to http.
  Name:
  JSESSIONID
  Content:
  782BF97F50AEC00B1EBBF1C2DBBBB92F.xyz
  Domain:
  xyz.abc.pqr.com
  Path:
  Send for:
  Any kind of connection
  Accessible to script:
  No (HttpOnly)
  Created:
  Wednesday, September 3, 2014 2:25:10 AM
  Expires:
  When the browsing session ends
  BKBK wrote:
  2]When I checked CF Admin->Server Settings->Memory Variables I found that J2EE SESSION has been set to YES. So does this mean that do we need to set HTTPOnly and SECURE flag for JSESSIONID only or for CF session cookies (CFID AND CFTOKEN ) as well ?.
  Set HTTPOnly / Secure for the session cookies that you wish to use. Each cookie has its pros and cons. For example, the JsessionID cookie is more secure and more Java-interoperable than CFID/CFToken but, from the explanation above, it forbids the sharing of sessions between HTTP and HTTPS.
       I understood that setting thos flags (httponly/secure) is as per my wish. But my question was , is it necessary to set those flags forcf session cookies (cfid and cftoken) as we have enabled J2EE session in CF admin?. Or in other way as the session management is J2EE based do we need to set those flags for CF session cookies?.
  BKBK wrote:
  3]If I need to set HTTPOnly and SECURE flag for JSESSIONID , how can I do that.
  It is sufficient to set the HTTPOnly only. As I explained above, Tomcat will automatically set 'secure' to 'true' when necessary, that is, when the protocol is HTTPS.
       I understood that it is sufficient to set httponly only.but how we will set it for jsessionid?. This is my question. Apache vFabric will alos set secure to true automatically. Any idea??

• Setting secure flag on weblogic (5.1) session cookie.

  Hello All,
            I need to set secure flag on weblogic session cookie. I am not able to
            find any property in weblogic.properties file to set the secure flag for
            session cookie.
            Does anybody has any idea how to achieve this.?
            Thanks
            Nitin
            

  The best way to reduce GC is to change you application to use less memory. Serious.
  There are a number of JVM options for GC. I can't tell you what will work best
  for your application.
  25 seconds is way too long for a GC. Is the OS paging? You may wish to invest
  in additional memory.
  Mike Reiche
  vijendran <[email protected]> wrote:
  Hi,
  I am running a load test which will simulate 100 users. when i tried
  to simulate i found that GC is happening often even though i set the
  heap to 512 MB., and that too some time it takes upto 25 secs. for a
  GC to complete. Please advise on how to increase the performance for
  more number of users (without clustering weblogic) and to avoid GC happening
  often.
  Regards
  Vijendran

• Missing Secure Flag & HttpOnly Flag From SSL Cookie - OWA

  Hello, I'm a bit stuck on this issue for a few days and hoping to get some help on this...
  We are running Exchange 2010 /w SP1 Rollup 6. Server is running great and OWA is on 443. We have two servers for Exchange. One if running the Transport and Mailbox, and the other is CAS. We use IBM for firewall / IDS and we run scheduled penatration tests.
  We came back with two vulnerabilities:
  1) Missing HttpOnly Flag From Cookie
  2) Missing Secure Flag From SSL Cookie
  Their solution is to:
  Add the HttpOnly to all cookies and Add the Secure flag to cookies sent over SSL
  I tried adding this line and playing with the boolean with no luck:
  <httpCookies httpOnlyCookies="false" requireSSL="true" domain="" />
  I set this in the web.config under Program Files\Microsoft\Exchange Server\V14\ClientAccess\Owa
  If I turn httpOnlyCookies="true" it will break OWA
  Any help would be appreicated ! Thanks :)
  Will

  Hi,
  We do not set the cookies to HttpOnly because we require access to certain of these cookies from scripts. 
  So we cannot change this, but we take care to use best practices and safe guards within our code to protect against cross site scripting attacks. 
  So it is by design.
  Xiu Zhang
  TechNet Community Support

• Some websites are saying I need to enable cookies when it is enabled already. I already tried deleting the cookie, deleting all cookies, clearing my cache, and uninstalling and reinstalling Firefox. How do I fix this?

  I am trying to access my school's library database. When I log in to access the library, it tells me that the site needs to verify me by sending me a cookie. There's a link to log in again, but when I click it, it says "404 not found". My privacy settings already have cookies enabled, and I tried deleting the cookie and revisiting the site but the same thing happens. I also tried uninstalling Firefox and reinstalling it, but that didn't work either. I am able to access the library on my iPod Touch, and I've tried other browsers on this compute and I can't access them on other browsers either. So it is clearly some issue with my computer that is preventing me from accessing this library. I don't know how else I can resolve this issue and I need to do so ASAP because my inability to access the library off campus is severely hampering my ability to get my work done.

  See:
  *http://kb.mozillazine.org/Cookies
  *http://kb.mozillazine.org/Websites_report_cookies_are_disabled

• Enable the security configuration for this panel

  Why do my panels built with Configurator sometimes display
  this in Ps Cs4?
  "Please close all panels or restart Photoshop to enable the
  security configuration for this panel"
  Closing panels or restarting Photoshop does not enable the
  panels but exporting from Configurator does enable them. Why do I
  have to keep exporting?

  I believe I have stumbled on the answer to this problem, so I
  would like to pass it along to any other users who have a similar
  problem.
  My experience is that this is an intermittent problem, so I
  asked myself what do I do from time to time that could be causing
  this difficulty. The answer is I use a program called CC cleaner to
  clean out temporary files (that in theory I don't need). I found
  that after running CC cleaner, I have to re-export the
  configuration file (as I get the error message described in an
  earlier posting) so that the configurator panel subsequently opens
  properly when I open up C S 4.
  I immediately ran CC cleaner again and found that it wanted
  to delete only one group of files that were located in the
  following folder:
  C:\Documents and settings\user's name\application
  data\Macromedia\flash player\*.*
  Accordingly, I instructed " CC cleaner", to exclude this
  folder and everything in it (from deletion):
  Now if I run CC cleaner to get rid of all my temporary
  Internet files and other temporary files, but it leaves the above
  folder untouched, and so far the configurator panel opens up
  properly in Photoshop.
  I don't use Windows "disk cleaner" so I'm not sure whether or
  not this cleaner represents a potential problem. In any event it's
  the Macromedia folder described above that causes the problem.
  It's clear that Adobe configurator uses Macromedia flash to
  do its thing, so hopefully I've solve this problem
  long-term.

• How programmatically "enable" the Page to have Item level security

  Some body known how do we programmatically "enable" the Page to have
  Item level security. - analogous to checking the box in the Page edit mode for "Enable item level security"

  Hi, I only know portal.wwsbr_api.enable_ils_for_item.....
  You can perform actions on multiple objects simultaneously.
  Navigator > Page Groups(TAB) > PageGroup > Page > actions(link)
  Click on actions link and in LOV, select "Enable ILS".
  Hope this help.

• I am loading Magic Jack. The error message I get is "Session cookies have been disabled for your web browser. Please enable session cookies so you can register your device." I have followed you process several times. This advice doesn't work. Pls help

  Session cookies have been disabled for your web browser.
  Please enable session cookies so you can register your device.
  The URL is not specified.

  Session cookies have been disabled for your web browser.
  Please enable session cookies so you can register your device.
  The URL is not specified.

• How do I enable the security for my wireless connection?

  How do I enable the security for my wireless connection?

  Enter the setup page (192.168.1.1),  hit the Wireless Tab, then the Security tab.