Outside the Cube (7611)
Web publishing (65)
about DelphiFAQ (14)
perl CGI (3)
Web Hosting (8)
New related comments
Number of comments in the last 48 hours
Referer spam in my web server's log files
How to update a htdig search engine database
Regular expressions in Homesite
My font-weight property in CSS is ignored
Can log into web site using FireFox, but not using Internet Explorer
This article has not been rated yet. After reading, feel free to leave comments and rate it.
Question:I can log into our corporate web site if I use FireFox, but not if I use Internet Explorer. It's FireFox 1.5 and IE 6.0
Answer:Does your web site use a cookie to keep the session / you authenticated? I looked at your system and found that your server sends a cookie that expires within 10 minutes. Then I found that your server time was a full hour behind the client machine.
The cookie contains
the expiration time as a string in this format:
.. expires: 18:15 GMT..
In the specific case, the server time was 1 hour behind. The client computer had a current time of 19:05 GMT and the cookie had actually expired 50 minutes ago (instead of going to expire in +10 minutes)
Firefox ignores this and still accepts the cookie, even though it expired in the past. One could consider this to be a bug.
Internet Explorer is more strict and rejects this cookie (as it should!)
The solution is that the server should have the correct time. The client machine ideally should also have the correct time, at least within 5 minutes.
Since the cookie is set to expire in 10 minutes, it would be problematic if the client machine's clock is 10 ore more minutes "fast".
It will not be a problem if the client machine is "behind" on the time ("slow clock").
For the server, it is a problem if the server is "behind" ("slow server clock"). It is not a problem if the server clock is "fast" (ahead).
But best is, simply to have all involved machines use ntp to have correct time.