I'm completely brain-dead right now. I spent the last few hours trying to track down a very odd issue. In IE (why is it always IE??), and not Firefox, an error would occur when someone would login to the members area of the site I'm working on. The error was being thrown because certain session variables didn't exist.
However, these session variables were being set when you first hit the page. They weren't being set in onSessionStart, but logic was used to check for a cookie (hasFlash), and if the cookie didn't exist, I used BrowserHawk to sniff for Flash, and set session cookies with various bits of info returned from BrowserHawk.
Somehow the session was being destroyed, but the cookie was not.
After a butt load of testing, ten thousand cfdump statements, something finally clicked... I had too many cookies. The member login area had set 5 additional cookies, which was just enough to tick off IE, and make IE dump some cookies, and of course, it dumped the cookies ColdFusion used to mark the session.
I was, of course, aware of the cookie issue. But this site is in it's sixth generation, and things have just slowly grown to the point where it is hard to remember all the values being used and where. So - consider this a warning - and something to look out for in your own code.
Archived Comments
Dude, this same problem nearly *destroyed* all of my sanity (yes I do have some) one night. The folks in HoF straightened me out though. :)
Will
Yep, I've fallen foul of this one too. It took a long time (at least it felt like a long time) to get because I immediately looked for things in my code that might delete the session, which is exactly the wrong place.
Barny
Any chance that this could be the prob we've been talking about in your Galleon forum on a Soundings bug?
This is one of those cases IE follows the standards, and FireFox not (same counts for maximum allowable simultanous HTTP connections which FireFox ignores).
You can have 20 cookies per subdomain maximum. Each cookie is bound to 4kb max. 4Kb is alot space for storage, so need to come up with functionality which serializes and deserialized complex information to a single cookie.
I have posted the complete code for this on HoF some time ago.
dick: I'd be surprised. Soundings doens't use cookies outside of the normal Session cookies.
Oh well, just hoping for a quick win :-)