Re: saving session cookies?

offset wrote:
Hi Lee,

Thanks for the feedback, however

To my knowledge, session cookies are not stored on disk (by design), at least on any browser that I have used.

That really depends on what the server says (and what you "accept" on the browser). Cookie lifetime is set on server headers, typically session cookies will be only stored on memory if the server did not provide an expiration, but some applications set expiration dates for session cookies (sometimes on purpose) that makes the cookie be stored on disk.

In any case, you might be interested in taking a look at WebScarab, when saving a navigation session you get a few files in the navigation session including a 'cookies' file which includes all cookies that the proxy has seen throughout the session (regardless of expiration information given by the server)

Alternatively, as said previously, you can use the "Add N Edit Cookies" extension in Mozill and use the Cookie Editor to change the expiration dates of the cookies so that you force Mozilla to store them in the cookies file (regardless of what the server says)

Regards

Javier

------------------------------------------------------------------------------
This List Sponsored by: Cenzic

Concerned about Web Application Security? As attacks through web applications continue to rise, you need to proactively protect your applications from hackers. Cenzic has the most comprehensive solutions to meet your application security penetration testing and vulnerability management needs. You have an option to go with a managed service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm). Download FREE whitepaper on how a managed service can help you: http://www.cenzic.com/forms/ec.php?pubid=10025
And, now for a limited time we can do a FREE audit for you to confirm your results from other product. Contact us at request@xxxxxxxxxx
------------------------------------------------------------------------------

Relevant Pages

  • Re: Session cookies disappear!
    ... It is not IIS it is IE that is dropping cookies and it is by design. ... If the server is a Windows ... >> I recently discovered that my session cookies on the web host disappear ... >> I created some very simple asp scripts (it took me a while until I ...
    (microsoft.public.inetserver.asp.general)
  • Re: Cookies
    ... cookies and uncheck always allow session cookies. ... also have some javascript I'm converting to server-side so javascript can ... Roland Hall ...
    (microsoft.public.windows.server.general)
  • Re: can not get access to security sites
    ... It sounds like you are blocking what is called 'per session cookies' from ... settings for mobile code control, such as limits on ActiveX and Java ... privacy control and Ad blocking features of Norton's Personal Firewall, ...
    (microsoft.public.windowsxp.security_admin)
  • Re: $_SESSION[loggedin] not working properly
    ... $_SESSIONto true if his username and password are OK. ... The user's browser doesn't accept cookies. ... session cookies. ...
    (comp.lang.php)
  • Re: Event driven handler in PHP
    ... php and session cookies. ... PHP does not natively support event interrupt handling. ... When you send input from the browser, a new process or thread is started to handle the input. ...
    (comp.lang.php)