This is a common question we are asked when BrowserHawk users first start experimenting and testing the CookiesEnabled property.
The problem stems from the fact that IE is NOT actually blocking the cookies, despite your configuration in the browser to disable the cookies.
This issue typically occurs only when testing over your local network, or on your local machine (as the case when your test web server and browser reside on the same machine).
BrowserHawk is specifically designed to tell you whether cookies are indeed being accepted or rejected. In the case where IE is allowing the cookie despite your setting, BrowserHawk is accurate in reporting cookies are still enabled.
You can prove that despite your disabling cookies IE is still accepting them in one of two ways. One way is to create two test scripts called setcookie.asp and getcookie.asp. In setcookie.asp create a test cookie. In getcookie.asp, display the results of the test cookie. With your browser set to disallow cookies, hit setcookie.asp and then getcookie.asp and you will see that the cookie is actually being set.
The other way to test this is to use a trace utility to look at the data going by. You will then be able to see the cookie being transmitted in the browser headers.
So what can you do about it? Well, the main thing to keep in mind is that this problem only occurs in a testing environment - it does not occur in real-world scenarios where visitors from outside your network are hitting your pages.
One thing you can try that many customers have reported success with is to explictly block 127.0.0.1 from accepting cookies in your browser, and then using that IP to test your cookie detection script. To set your browser in this way follow these steps:
After performing these steps, try accessing your web site as http://127.0.0.1/pathToCookieCheck/cookietest.asp. Note that you must use 127.0.0.1 and not localhost for this test.
- In the IE menu go to Tools->Internet options->Privacy tab
- Click on the Edit button on the bottom of the dialog
- In the "Address of web site to block" field enter 127.0.0.1 and press the Block button
- Press the OK buttons to close out of the open dialogs
Additional keywords: cookies disabled