Simon, I don't have any great ideas, but here are a couple of questions that may help your troubleshooting. These aren't really specific to your Word doc problem, but then, I'm skeptical that the problem is unique to the fact that Word is involved. MSIE still requests the doc, and I don't think it does anything special there, just because it's a Word doc. 1) Have you looked at the request log to verify the requests are coming in looking the way you expect them to? Are they coming to the same domain name? (as opposed to getting the Word doc from 192.168.1.1, when the cookie came from www.myhost.org) 2) Is the cookie-path possibly at fault here? I.e., are you specifying the cookie path to be the root of the app, or are you letting it default? If it's defaulting to something, it may be that it's not defaulting to something that let's it be visible once it goes looking for the Word doc. Example: If you set the cookie at "/users/login" (or something) and nothing tells the browser otherwise, the browser will only send the cookie to /users/ and below, so if your Word docs are located at "/downloads/...", you may have problems. (You may want to test with Netscape/Mozilla, or some other browser with a cookie manager, so you can see what's going on there.) 3) Have you tried modifying the Qx code to help you troubleshoot? I have had some real headaches before, that were resolved by being able to see the headers as they came in from, and were sent out to, the browser. How to do that most easily depends on how you're using Qx (CGI, FCGI, SCGI, etc...) I know these aren't really specific to your situation, but hopefully they'll give you an idea or two. Good luck, Jason