0

I have a client application which will call the web method and pass two values (order and Amount). The web method will set the values in Session/Cookie. Now the client application will redirect to other web site, the web site should be able to get the order and Amount values either by Session/Cookie. I cannot use it as query string due to security issue. Kindly help me with a proper solution. The code in web service is as follows:

    [WebMethod(EnableSession = true,Description="SetValues")]
    public void CallService(string orderNumber, double amount)
    {
        if (orderNumber != null && orderNumber != string.Empty)
        {               
          Context.Session["OrderID"] = orderNumber;
          Context.Session["Amount"] = amount; //Tried Session but did no work            
         //Tried Setting the value in Cookie 
          HttpCookie OrderID = new HttpCookie("OrderID",orderNumber);
          HttpCookie Amount = new HttpCookie("Amount", amount.ToString());
          OrderID.Expires = DateTime.Now.AddHours(3);
          Amount.Expires = DateTime.Now.AddHours(3);
          Context.Response.SetCookie(Amount);
          Context.Response.SetCookie(OrderID);
        }
}

//The code to get the values from Cookie 

        Service.ServiceAPISoapClient e1 = new Service.ServiceAPISoapClient();           
           e1.CallEISService("12e", 121);
 string amount= Request.Cookies["Amount"] != null?  Request.Cookies["Amount"].Value:"";
psobhan
  • 625
  • 3
  • 11
  • 36

2 Answers2

0

Cookies are always bound to a single domain. You cannot use your cookies in any other domain for security reasons.

AgeDeO
  • 3,137
  • 2
  • 25
  • 57
  • @luc-Is there any other way to pass values from one application to another. – psobhan Dec 13 '12 at 12:12
  • @psobhan can you set HttpHeaders for the request? – Murali Murugesan Dec 13 '12 at 12:13
  • 1
    Maybe it is an idea to store the data in a database with a hash code as ID. Send the Hashcode with a POST or GET request to the other site , retrieve the data, Store it in a Session and delete the row in the database. I guess it is a security leak but I don't know any other way. – AgeDeO Dec 13 '12 at 12:15
0

Usually to send info from one site to another all people use a form...

Put two hidden controls into a form. Then when submit the form you can read the values from these controls...

bluish
  • 26,356
  • 27
  • 122
  • 180
lem2802
  • 1,152
  • 7
  • 18