The following code line

Response.Cookies("test")= "__cf_mob_redir"

will produce a cookie named “test” whith value “%5F%5Fcf%5Fmob%5Fredir”

Perhaps is not what we wanted.

Even if we could decode the result when reading the cookie that string is very ugly. Could also happen that our responsibility is limited to write the right value and someone else will take care of reading the expected value.

What to do?

First, is useful to know that encoding the special character _ (underscore) in ASP as chr(95) or as HTML entity &#95 will not solve the situation. The same for any other special characters.

Second, is better to underline that not always we want to send an html body as response, since sometimes we want just send headers. In case we want to send a body the following lines are a nice style exercise to write javascript through ASP code.

Response.Write("<script type="&chr(34)&"text/javascript"&chr(34)&">")
jjj1 ="document.cookie="&chr(34)&"YOURcookiename=__cf_mob_redir"&chr(34)

In this way our cookie variable value will be exactly what we wanted “__cf_mob_redir”.

But what if we need absolutely to send only the headers, for example to avoid the page be returned before being able to set the cookie and send a header response?

This line is the answer.

Response.AddHeader "Set-Cookie", "nameKey=__cf_mob_redir; HttpOnly"