[Web4lib] Session Cookie Problems when Patrons Use IRS Free File
Micah Stevens
micah at raincross-tech.com
Thu Jan 25 17:13:22 EST 2007
IE has in my opinion dealt with cookie security in a strange way. As
many web applications require a session data set to give you the
features you want in this day and age, cookies are very helpful, and
should present little security risk other than you can be fairly easily
tracked.
Allowing cookies I feel is not only fairly risk-free, but required on
many sites. You should be able to go into advanced settings and enable
the free use of cookies without modifying other parameters that may be
changed when you set your security level to 'low'.
I recommend this to all of my clients and haven't had an issue so far.
-Micah
On 01/25/2007 02:02 PM, dschumann at trlib.org wrote:
> Several patrons have reported problems using the IRS Free File web site
> from our public Internet computers. They get an error message saying:
>
>
> Browser Configuration Change Required
>
> In order to use this application, your browser must be configured to
> accept session cookies. It appears that either session cookies have been
> disabled in your browser, or your browser does not support cookies at
> all. To use this application, please enable support for session cookies
> in your browser, hit the back button, and try again.
>
>
>
> Although we allow session cookies on our public computers, in IE we have
> set Privacy to Medium, which:
>
>
>
> * Blocks third-party cookies without a compact privacy policy.
> * Blocks third-party cookies that use personally identifiable
> information without your explicit consent
> * Restricts first-party cookies that use personally identifiable
> information without implicit consent.
>
>
>
> When I changed the privacy setting to Low, which removes the restriction
> on first-party cookies, I was able to get past the session cookie error
> page.
>
>
>
> Have any other libraries encountered this issue? If so, are you
> considering lowering the privacy setting in IE?
>
>
>
> At this stage, we aren't looking at changing browsers. We are using IE 6
> and have locked it down using a combination of AD settings and
> WinSelect.
>
>
>
> Thanks for any collective wisdom that can be shared!
>
>
>
> Donna
>
>
>
> ********************************
>
> Donna Schumann
>
> Timberland Regional Library
>
> 415 Tumwater Blvd.
>
> Tumwater, WA 98506
>
> 360-704-4542
>
> dschumann at trlib.org
>
>
>
> _______________________________________________
> Web4lib mailing list
> Web4lib at webjunction.org
> http://lists.webjunction.org/web4lib/
>
More information about the Web4lib
mailing list