[thelist] Personal firewalls and web apps

Johnson, Christopher (MTO) Christopher.Johnson at mto.gov.on.ca
Thu Jun 17 08:14:08 CDT 2004

First question that needs to be asked is how are their machines setup in
terms of accepting cookies? As for the firewalls, most firewalls will allow
solicited traffic through on port 80 without any problems. Since you are
using cookies to maintain state from page to page, I would look at that
first. There is the possibility that the firewalls (or paranoia devices) are
cleaning up the cookies after the user leaves the page, thus disabling the
session info (but this is just a guess).


-----Original Message-----
From: Bird, Graham

We are currently running an online survey which uses a multi-page form with
session cookies.

Several users have reported not being able to progress past the first or
second page. They all seem to have either a personal firewall or some other
sort of "ACME Internet Attack Paranoia Device".

Can anyone shed any light on what is going on? The personal firewalls and
such *could* be a red herring, but it seems rather coincidental otherwise.

More information about the thelist mailing list