Re: forbidden vs. cookie

Robert Landrum Mon, 30 Apr 2001 16:34:33 -0700
>On Mon, Apr 30, 2001 at 03:46:03PM -0400, Geoffrey Young wrote:
>> > From: will trillich [mailto:[EMAIL PROTECTED]]
>> > Sent: Monday, April 30, 2001 3:31 PM
>> > To: [EMAIL PROTECTED]
>> > Subject: forbidden vs. cookie
>> [snip]
>> >    # this don't work so hot, neither:
>> >                    $r->header_out(-cookie=>$cookie);
>> >                    $r->header_out(-location=>$login_uri);
>> >                    return REDIRECT;
>> >    # neither header is sent.
>>
>> you probably want $r->err_headers_out instead of $r->headers_out
>
>example on p. 125 doesn't -- but since success is zero for me
>their way, i also tried your method, this way for thoroughness:
>
>       # called as a "PerlAccessHandler", don't forget--
>       $r->header_out(Cookie=>$cookie);
>       $r->err_header_out(Cookie=>$cookie);


Shouldn't these be

        $r->header_out('Set-Cookie'=>$cookie);
        $r->err_header_out('Set-Cookie'=>$cookie);



>       $r->header_out(Location=>$login_uri);
>       $r->err_header_out(Location=>$login_uri);
>       return REDIRECT;
>
>wouldn't you think that would do the trick? i sure did...
>
>       Trying ##.##.##.##
>       Connected to i-think-this-may-never-work-for-me.com.
>       Escape character is '^]'.
>       GET /secured HTTP/1.1
>
>       HTTP/1.1 302 Found
>       Date: Mon, 30 Apr 2001 23:27:46 GMT
>       Server: Apache/1.3.9
>       Location: http://www.i-think-this-may-never-work-for-me.com/login
>       Transfer-Encoding: chunked
>       Content-Type: text/html; charset=iso-8859-1
>
>       <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
>       <HTML><HEAD>
>       <TITLE>302 Found</TITLE>
>       </HEAD><BODY>
>       <H1>Found</H1>
>       The document has moved <A 
>HREF="http://www.i-think-this-may-never-work-for-me.com/login";>here</A 
> >.<P>
>       </BODY></HTML>
>
>the Location: header made it through, but the set-cookie: header
>got lost in the blast furnace somewhere.
>
>objective: return "set-cookie:" header while redirecting the
>largest number of browsers possible, getting around
>incompatibility problems with various browser implementations on
>varying platforms.
>
>any more rough nudges anybody would care to impinge?
>
>--
>don't visit this page. it's bad for you. take my expert word for it.
>http://www.salon.com/people/col/pagl/2001/03/21/spring/index1.html
>
>[EMAIL PROTECTED]
>http://sourceforge.net/projects/newbiedoc -- we need your brain!
>http://www.dontUthink.com/ -- your brain needs us!


--
As soon as you make something foolproof, someone will create a better fool.
Re: forbidden vs. cookie

Reply via email to
