IIS 7 & IIS 8
Known Issues and Workarounds
iis7 and set-cookie
Last post Nov 01, 2011 12:35 PM by HCamper
Apr 24, 2007 06:08 AM|LINK
I assume it is a known issue that IIS 7 will only set the last cookie that is put into the headers by a cgi application.
Is there a timeframe for a fix on this issue.
Apr 28, 2007 12:15 PM|LINK
Jul 21, 2007 04:28 AM|LINK
We have a hotfix available that solves this problem (KB article). We are working on getting the content of the KB to reflect the situation a little more accurately, sorry if it's a little
confusing until we update it. This is the QFE that fixes the problem where IIS7 on Vista prevents all but the last cookie sent by a browser to actually be set.
To get the hotfix, call Microsoft Customer Support Services (800-MICROSOFT or 800-642-7676) and give them the relevant KB article number (932385) and your OS platform. You'll get the hotfix right away.
Sep 25, 2007 10:49 PM|LINK
A fix has now been released for this issue and is available for everyone to download. You can read more about it here:
Sep 04, 2008 11:24 AM|LINK
thank you for sharing... great post
Sep 08, 2009 10:31 PM|LINK
This problem is still happening if you are using a managed HttpFilter to filter FastCGI/PHP.
(Vista SP2, using cgi.dll 7.0.6001.18000, which the hotfix will not update.)
When FastCGI/PHP is done with the request and the filter stream is about to be flushed,
HttpContext.Response.Headers shows only the last Set-Cookie that was set by PHP. Yet, all of the cookies are somehow magically received by the client. This makes me suspect that when the bug was fixed for the hotfix, it was
done in an incomplete way that only addressed the symptom.
It is a problem because I wish to examine the cookies that PHP is setting, on their way to the client.
iis7 fastCGI PHP response headers cookies Set-Cookie
Sep 09, 2009 05:24 PM|LINK
The bug you are hitting now is a bug in asp.net where it cannot provide multiple headers with the same name in the response/request header collections - since the header-name is the key in the collection - workaround would be to use a native module (CHttpModule)
to examine the headers on the way out.
Oct 31, 2011 03:15 PM|LINK
I am facing a similar kind of issue.
I have just upgraded from IIS 6 to IIS 7.The request does not contain any cookiedata.I used fiddler to anlayse ,The response gives a cookie
jsessionId but the request never has ant cookie jsession Id.I am using IE 8,Windows server 2008,IIS 7 and Weblogic 10.3.5
Is there any setting that needs to be done in IIS to maintain cookie data.
Nov 01, 2011 12:35 PM|LINK
Hello @ pink123,
You have a thread
for this question and the discussions will be in that thread.
FYI: If your waiting for a reply from Anil Ruia he left the IIS Team some time ago.
<div class=ForumPostSignature>Anil Ruia
Senior Software Design Engineer
IIS Core Server</div>
He did a lot for the IIS Forums users issues and questions.
He is missed by the IIS Forums users including myself.