Internet Explorer reaches new heights of retardedness

Internet Explorer 7 can't set cookies for two-letter domains. No, really! In KB310676, they explain that two-letter domains can't have cookies.

Unless... Unless you set a registry key, aptly called SpecialDomains. It contains a space-separated list of TLDs for which to allow two-letter domain cookies. But wait, there's more: you do it in reverse. Yes, reverse. So for making it work with yo.se, the key should be "es.". Really!

Some people on the Internet have said that Internet Explorer is simply following the URL RFC 2396, which is wrong, because here's what it states:

hostport    = host [ ":" port ]
host        = hostname | IPv4address
hostname    = *( domainlabel "." ) toplabel [ "." ]
domainlabel = alphanum | alphanum *( alphanum | "-" ) alphanum
toplabel    = alpha | alpha *( alphanum | "-" ) alphanum

In other words, domain label is "either an alphanumeric character, or an alphanumeric character followed by any number of alphanumeric characters or dashes, ended by an alphanumeric character."

In other words, it only requires the hostname to be at least one alphanumeric character, and that it might not begin or end in a dash.

So yeah, kind of sucks to be us. Seriously, I have no idea how to work-around this bug. No idea at all.

2009-07-06 @ 10:00:11 Misc. Permalink

Comments
Posted by: asd §

So, did you find a solution for this problem at yo.se? I'm curious.

2009-08-13 @ 01:27:50
Posted by: §

asd: Yes. The issue is only with domain cookies, so I made a dispatching middleware in Django which sends specialized cookies to all User-Agents with "MSIE" in the text. These specialized cookies are session-only cookies, which is a degradation, but we were willing to sacrifice that.

2009-08-19 @ 15:23:04
Posted by: aaloy §

Thank you for your excellent posts and to share your work with us.

Just as a joke concerning this post, yo.se has a meaning in spanish, is traslated as "I know"

2009-09-21 @ 20:26:35
URL: http://trespams.com
Posted by: Adam §

Just one other (untested) idea, although one that makes me cringe: You could try including a tiny Flash file that uses its built-in storage device to store data in a cookie-like container for IE7.

2009-11-09 @ 22:44:32
Posted by: §

Adam: Yeah, we discussed that too, but we'd get a host of other issues accompanying that. We're doing some pretty complicated things with security, and cookies are sort of essential to it.

2009-11-10 @ 00:53:29

Comment the entry:

Name: (required, possibly pseudonym)
Remember me (cookie)

E-mail: (not required, never published, solely for me to reply to you in person)

URL:

Comment:

Categories
Archive
RSS 2.0