Kjetil Kjernsmo wrote:
We have seen a problem with server errors when getting malformed
cookies. The problem has been seen before, we found from googling [1],
but it is not clear how we should address this. We are not quite
positive about the source of the malformed cookies, (it may have been
only test code, it may have been old sins) but it seems like FF is
sending them back as they were, while Opera makes an effort to make
them valid. :-)
The problem then occurs if there is a malformed cookie in the jar, if
any cookie is attempted to be read, libapreq2 dies.
First of all, is it the intended behavior that libapreq2 should die
under these circumstances? If yes, are we supposed to deal with this by
putting each read of a cookie in an eval block?
With Apache2::Cookie, I had server error problems with undefined values in
cookies that had previously worked fine with CGI::Cookie. I fixed the
problem by adding the lines below with the plus sign in front of them to the
Apache2::Cookie module:
sub freeze {
my ($class, $value) = @_;
die 'Usage: Apache2::Cookie->freeze($value)' unless @_ == 2;
if (not ref $value) {
return encode($value);
}
elsif (UNIVERSAL::isa($value, "ARRAY")) {
+ $_ ||= 0 for (@$value);
return join '&', map encode($_), @$value;
}
elsif (UNIVERSAL::isa($value, "HASH")) {
+ for (keys %$value) { $$value{$_} ||= 0; }
return join '&', map encode($_), %$value;
}
die "Can't freeze reference: $value";
}
sub thaw {
my $c = shift;
my @rv = split /&/, @_ ? shift : $c->SUPER::value;
+ $_ ||= 0 for (@rv);
return wantarray ? map decode($_), @rv : decode($rv[0]);
}
