>

Cookies in EXP and ESC

Answered

Comments

7 comments

Date Votes
  • Seth Halvaksz

    Max - this article has information on Momentus-generated cookies. Does this answer?

    https://supportcenter.ungerboeck.com/hc/en-us/articles/360052441154-Momentus-Generated-Cookies

  • Maximilian Fankidejski

    Seth Halvaksz this does not Include ESC or EXP it is only for Registration. Can we have something similar for the Exhibitor Application (ESC & EXP)?

  • Seth Halvaksz

    I searched documentus, and this is the statement for both ESC and EXP:

    “The only data stored by the cookie for ESC is the language (e.g., English, Deutsch, etc.). That information is a required part of the architecture for the app to function. No further information is pulled through via the cookie.”

    That is in this article:

    https://supportcenter.ungerboeck.com/hc/en-us/community/posts/12431973903511-Use-of-cookies-ESC

    This post confirms it applies to both ESC and EXP:

    https://documentus.zendesk.com/hc/en-us/community/posts/30531620071575

    “Yes, EXP and ESC share the same rules.”

  • Maximilian Fankidejski

    Hi Seth Halvaksz,

    Thanks for your response.

    For a typical customer, we’d be able to address this based on this. However, since MCH is a key client with a strong focus on detail, it would be helpful to have an official statement from the product team regarding the cookies being set.

    I’ve logged into the MCH Database and already see several cookies being stored. It would be great if we could provide MCH with a clear explanation of what each cookie does and why it’s needed.

    Would it be possible to get a short summary or confirmation from the product team? 

    Thanks,
    Max

     

  • Seth Halvaksz

    I will ask engineering for more information on the cookies in the screenshot

  • Seth Halvaksz

    Here is some information on these cookies. Tagging @... to update this article when she has a chance.

     

    Hi Seth,

    AWSALBCORS
    The AWSALBCORS cookie is similar to the AWSALB cookie but is specifically used to support Cross-Origin Resource Sharing (CORS) requests. This cookie is set by the AWS Application Load Balancer (ALB) to manage session stickiness for CORS requests, ensuring that subsequent requests from a client are directed to the same target within the load balancer.
    Key Points:
    •  Purpose: To maintain session stickiness for CORS requests.
    •  Generated By: AWS Application Load Balancer.
    •  Contents: Encoded information about the target to which the client is bound.
    •  Usage: Sent with each CORS request to ensure the request is routed to the same target.

     

    By using the AWSALBCORS cookie, AWS Application Load Balancer can efficiently manage session stickiness for CORS requests, ensuring that user sessions are consistently handled by the same target server.

     

    ASP.NET_SessionID
    The ASP.NET_SessionId cookie is used by ASP.NET applications to maintain session state across multiple requests from the same user. This cookie stores a unique identifier for the user's session, which the server uses to retrieve session-specific data.
    Key Points:
    •  Purpose: To maintain session state for a user.
    •  Generated By: ASP.NET session state management.
    •  Contents: A unique session identifier.
    •  Usage: Sent with each HTTP request to associate the request with the user's session.

     

    By using the ASP.NET_SessionId cookie, ASP.NET applications can efficiently manage user sessions and ensure that session-specific data is maintained as the user navigates through the application.

     

    .ASPXAUTH
    The .ASPXAUTH cookie is used by ASP.NET applications to identify authenticated users. When a user logs in to an ASP.NET application, the server generates an authentication ticket, which is then encrypted and stored in the ASPXAUTH cookie. This cookie is sent with each subsequent request to the server, allowing the server to verify the user's identity and maintain the user's authenticated state across multiple requests.
    Key Points:
    •  Purpose: To maintain user authentication state.
    •  Generated By: ASP.NET authentication mechanisms, such as Forms Authentication.
    •  Contents: An encrypted authentication ticket containing user-specific information.
    •  Usage: Sent with each HTTP request to verify the user's identity.

     

    By using the .ASPXAUTH cookie, ASP.NET applications can efficiently manage user sessions and ensure that users remain authenticated as they navigate through the application.

     

    fs_uid
    fs_uid cookie is primarily associated with FullStory, a digital experience analytics platform. FullStory helps website owners analyze user interactions on their sites by recording sessions and providing insights into user behavior.

     

    Purpose of the fs_uid Cookie:

    The fs_uid cookie stores a unique user identifier assigned by FullStory.
    This identifier allows FullStory to link multiple visits and actions to the same user, enabling session replay and behavioral analytics.
    The cookie is typically used for internal analytics and does not contain personally identifiable information (PII) by default.

  • Linda Moyer

    Got it on the list.

Please sign in to leave a comment.