IE10 User-Agent causes ASP.Net to not send back Set-Cookie (IE10 not setting cookies)

The problem rests with some IIS instances thinking that IE10 is a cookieless browser (i.e. cant support cookies). In our problem case the server was setting the authentication cookie and sending it back to the browser, but was then ignoring the cookie on subsequent requests.

The solution is to either patch the browser capabilities so that it knows IE10 can do cookies (outlined in another answer on this page), or change the default behaviour to force it to use cookies even if it thinks the browser can’t do cookies.

We just added the following to our forms section in web.config:


<authentication mode="Forms">
  <forms name=".AUTH" cookieless="UseCookies" loginUrl="" timeout="10000" path="" />

Leave a Comment