All versions of Internet Explorer (version 5.5 all the way to version 11) will discard all cookies if the domain has an underscore in it. This can lead to the following issues, which can be quite difficult to debug:
- Cookies are not set on the client system.
- ASP.NET Session variables are lost.
When debugging web applications I can't recommend Fiddler enough. It will be able to pick up these kinds of issues and in this case provides the following warning.
!! WARNING !!: Server hostname contains an underscore and this response sets a cookie. Internet Explorer does not permit cookies to be set on hostnames containing underscores. See http://support.microsoft.com/kb/316112.
It's perfectly legal for a domain to have an underscore in it, so this issue goes against the standard (See RFC 2181, section 11, "Name syntax"). Part of the reason it is hard to debug is that the domain will work fine in all other browsers.
The support article has the following to say about the issue:
So this issue is caused to prevent a security issue on a deprecated version of Internet Explorer. I think it's about time this restriction was removed.
You can vote to fix this issue at Microsoft Connect.