Hello and welcome to our community! Is this your first visit?
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 5 of 5
  1. #1
    Senior Coder Spudhead's Avatar
    Join Date
    Jun 2002
    London, UK
    Thanked 110 Times in 109 Posts

    Cookie values. Is this me, or it is a bit... weird?

    Err. Bit of an odd one.

    So I'm doing some work on my site - adding in a xmlhttp request to pull in my rss feed and display it.

    I'm working away, Firebug in the bottom of my screen, and I see the request fire off as the page loads. And I see the following sent as a cookie in the request headers:

    sageamp=sageampNQNUQ363%7CsageampPWSPD536%7C; uts9.zid=93; __utmz=12146471.1207310707.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); p.med.r9Origin=LGW; CFID=8584114; smuid=22042008-0-87194123233303691208876454; __utma=12146471.974637617.1207310707.1207310707.1207310707.1; uts9.aid=963; CFTOKEN=21690652http%3A%2F%2Feconomist%2Eco%2Euk%2Fdisplaystory%2Ecfm%3Fstory%5Fid%3D9249262; CFMAGIC=8584114%3A21690652http%3A%2F%2Feconomist%2Eco%2Euk%2Fdisplaystory%2Ecfm%3Fstory%5Fid%3D92492 62; camp=sageampNQNUQ363%60%60Tue%2C%2022%20Apr%202008%2015%3A00%3A52%20GMT%7CsageampPWSPD536%60%60Tue%2 C%2022%20Apr%202008%2015%3A00%3A52%20GMT%7C; ASPSESSIONIDASDRSTCQ=BHBCNNGDNBGFMMNHKNIKKEKM; ASPSESSIONIDCQDRTSDR=NIDPBKDACCADHBJIAIOGMHBG
    What the.... ? Why have I got "CFTOKEN" and "CFMAGIC" values being sent? And what on earth are they pointing at The Economist for?

    This is a site on MY server. It's pullung an xml file on my server. It's a pure IIS windows box, it's not running Coldfusion. Where have those values come from, and why are they getting sent?

    Hmmm. This gets more and more suspicious. Googling "sageamp"... targetted advertising, partnerships with ISP's... it seems I'm being spied on....

  • #2
    Regular Coder Stooshie's Avatar
    Join Date
    Mar 2008
    Dundee, Scotland
    Thanked 39 Times in 39 Posts
    Does it happen on every site you go to, or just your own?
    Regards, Stooshie

  • #3
    New to the CF scene
    Join Date
    May 2008
    Thanked 0 Times in 0 Posts
    I have been investigating this exact issue, and I think it might be either a bug in Firefox, either existing or fixed, where the cookies are left over.

    I have several lines in my cookies.txt file (FF2) with the domain set to ".co.uk", which means those cookies are being sent to ALL .co.uk sites. I have read about an old bug where browsers would allow cookies to be set to this domain, but I am pretty sure that none of the cookies involved are that old.

    For example I have these lines:

    .co.uk TRUE / FALSE 2075208390 p2.med.r9Origin BWI
    .co.uk TRUE / FALSE 2034845104 pk.med.r9Origin LON

    I searched a few sites for flights from LON<>BWI recently, certainly no earlier than March time. I can't pinpoint which site it could have been (several let you search on LON as all London airports), but I use kayak mainly. Searching on "r9Origin" brings a couple of results with people reporting the same issue, and it's how I found this forum.

    Also I have the line:

    .co.uk TRUE / FALSE 1239854397 UndercoverUK LastVisit=4&#37;2F16%2F2008 [etc]

    UndercoverUK is an ecommerce site that I may well have visited around that time - I was looking for wallets I think, interestingly it's a .com though.

    I also have the sageamp/camp cookies set to .co.uk too.

    I am busy right now but I'll do some digging later and see if I can reproduce it. edit: I should add, our ISP is Zen, and nothing to do with Phorm.

  • #4
    New to the CF scene
    Join Date
    Mar 2009
    Thanked 0 Times in 0 Posts
    There was a long outstanding bug with Firefox, where a web site could set a cookie with .co.uk. as the domain:


    I think it was fixed in FF2 though.

    Kayak is the site that sets the p2.med.r9Origin cookie when you click the search button. However, in a quick test it seems like they're setting it with the correct domain now:

    Set-Cookie: cluster=2; Domain=.kayak.co.uk; Path=/
    Set-Cookie: p2.med.r9Origin=LON; Domain=.kayak.co.uk; Expires=Fri, 26-Jun-2009 13:08:09 GMT; Path=/
    Set-Cookie: p2.med.sc=1; Domain=.kayak.co.uk; Expires=Fri, 26-Jun-2009 13:08:09 GMT; Path=/

    However, I just saw a request from a Firefox 3.0.2 client to a site I administer who has various cookies not set by my domain:


    I think most of the other cookies are from Sagemetrics, a metrics/tracking company. But again, I couldn't reproduce their site setting cookies on .co.uk.


  • #5
    Supreme Master coder! _Aerospace_Eng_'s Avatar
    Join Date
    Dec 2004
    In a place far, far away...
    Thanked 1,043 Times in 1,019 Posts
    FYI this thread is over a year old.


    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts