I like to think that my development team is full of competent and capable people, and not one of them was aware of this: Internet Explorer has a limitation on the number of cookies per domain (MSDN Reference).
From: “Number and size limits of a cookie in Internet Explorer” http://support.microsoft.com/default.aspx?scid=kb;en-us;306070 Microsoft Internet Explorer complies with the following RFC 2109 recommended minimum limitations: at least 300 cookies at least 4096 bytes per cookie (as measured by the size of the characters that comprise the cookie non-terminal in the syntax description of the Set-Cookie header) at least 20 cookies per unique host or domain name
From: “Number and size limits of a cookie in Internet Explorer” http://support.microsoft.com/default.aspx?scid=kb;en-us;306070
Microsoft Internet Explorer complies with the following RFC 2109 recommended minimum limitations:
We recently started having random authentication problems with our eLearning platform. It turns out that our application, plus everyones favorite Single-Sign On, plus SCORM, plus courseware created by third-party vendors created enough cookies to blow the top off the cookie jar. IE can only handle 20 cookies. Create a 21st cookie, and the oldest cookie is given the axe, which is generally an authentication cookie, a session ID, or some other very important cookie (as the ‘elders’ usually are).
So, be aware of your cookie jar. Monitor the number of existing client-side cookies in use when testing that new application. Harass other developers if they start using too many. Keep yours hands out of the cookie jar!
Oh, and don’t forget to encrypt them (but that’s a different post topic).
Remember Me