ASP May Improperly Parse Cookies Containing a Plus Sign (234016)
The information in this article applies to:
- Microsoft Internet Information Server 4.0
This article was previously published under Q234016 SYMPTOMS
If a client-side cookie is written from a browser with JavaScript that contains a plus sign (+) in the string, IIS 4.0 returns the space character " " instead of the plus sign (+), as stored in the cookie.
CAUSE
This is by design.
WORKAROUND
It is recommended that any script requiring non-standard characters use URL style encoding (RFC 1738) for cookie handling, including the plus sign (+). The workaround is to use an escaped plus sign or space when you create cookies using client-side scripts.
STATUSMicrosoft has confirmed that this is a problem in Internet Information Server 4.0.
| Modification Type: | Major | Last Reviewed: | 10/10/2003 |
|---|
| Keywords: | kbbug kbpending KB234016 |
|---|
|