weird cookie behavior

Sun, 10 Nov 2002 01:14:46 -0800 

I'm experiencing strange behavior with cookies when my scripts are
accessed in mod_perl (using Apache::Registry).  Everything works fine so
long as my browser is configured to not go through a proxy (ie, in
Netscape 4.77, "directly connected to the Internet" option is selected).
When I configure it to use a custom proxy (eg, Junkbuster running on my
LAN gateway), my cookies no longer work, but I can still browse the web
fine.

I should point out that everything works ok when the scripts are
accessed as CGI's rather than mod_perl.  Hence I'm fairly certain the
problem is not with the Junkbuster proxy, but has something to do with
mod_perl.

These are the software versions:

    Debian/Linux 3.0
    Apache 1.3.26 + mod_ssl 2.8.9 (running in proxy accelerator mode)
    Apache 1.3.26 + mod_perl 1.26
    Perl 5.6.1

I'm using CGI.pm to create the cookie headers.  Typical code looks like this:

    # Setting a cookie
    # (the test.pl script will retrieve the cookie and check auth_info)
    $cookie = MI_BakeCookie($q, $form->{'email'}, $form->{'passwd'});
    print $q->redirect(-cookie=>$cookie, -url=>"/perl/test.pl?op=menu");
    
    # Retrieving a cookie
    $cookie = $q->cookie('auth_info');
    @form{'email', 'crypt'} = split (':', $cookie);
    
    # The function that creates the cookies...
    # Creates a temporary auth_info cookie which contains the user's
    # email address and encrypted password (MD5 hash).
    sub MI_BakeCookie {
            my ($q, $email, $password) = @_;
    
            my $crypt = md5_hex($password);
            my $auth_info = join (':', $email, $crypt);
    
            my $cookie = $q->cookie(-name=>'auth_info',
                    -value=>$auth_info,
                    # -expires=>'+10d',
                    -path=>'/',
                    -secure=>0   # haven't changed this yet...
            );
    
            return ($cookie);
    }

It's all pretty straightforward stuff...  which is why I'm confused and
hope that someone might have an idea as to what's going on here.  I'm
open to any suggestions, but alas I don't have a lot of time to spare so
can't really afford to make my own custom handler and switch to
Apache::Cookie or whatnot.  But if that's the only solution, then I
gotta do what I gotta do.

Anyway, please let me know if you have any ideas. :)

Reply via email to