Hi, Emacs told me this: "savannah.nongnu.org tried to set a cookie for domain .savannah.nongnu.org - rejected. [4 times]"
... while (http://www.ietf.org/rfc/rfc2109.txt): Domain=domain Optional. The Domain attribute specifies the domain for which the cookie is valid. _An explicitly specified domain must always start with a dot._ (emphasis added) Using '.sv.nongnu.org' means asking cookies to be sent to *.sv.nongnu.org, which is used by a part of Savane for multi-site authentication (eg both for Savane and Mailman archives authentication at gna.org). Moreover adding the leading dot is apparently required. emacs-w3m doesn't seem to behave according to the RFC, would you mind reporting a bug to emacs-w3m? -- Sylvain On Fri, Dec 01, 2006 at 12:53:29AM +0100, [EMAIL PROTECTED] wrote: > Sylvain Beucler <[EMAIL PROTECTED]> writes: > > > Do you get a warning about the https certificate? As I said, I think > > w3m reject cookies if it doesn't trust it. > > No I dont appear to get this warning > > > Do you know where w3m stores the trusted CAs, so I can add SV's there? > > Or is there an equivalent to curl's -k/--insecure option in w3m? > > > > w3m also sends me a warning about rejecting the unsecure cookie, > > refering a RFC that says the Domain must be valid. Since the Domain is > > optional, I don't use it for the cookie probe, and it should work. I > > think the rejection is rather due to the https cert. > > > there was a "accept bad cookies" setting in emacs-w3m. Im not sure > what this translates to for the pure w3m. This setting didnt help > however. > > > > -- > > Sylvain > > > > On Fri, Dec 01, 2006 at 12:08:36AM +0100, [EMAIL PROTECTED] wrote: > >> Sylvain Beucler <[EMAIL PROTECTED]> writes: > >> > >> emacs-w3m now proceeds a bit further, but Im still unable to login. > >> I get this error: > >> > >> Error Error:Savane thinks your cookie are not activated for > >> savannah.gnu.org. to log-in, we need you to activate cookies in your > >> web browser for this website. please do so and click here: > >> https://savannah.gnu.org/account/lo...;> > >> then I c heck that cookies are acctiveated, and they seem to be, but I > >> never get to login. The original certificate loop, or whatever it was, > >> seems to be gone now at any rate. > >> > >> > >> > On Mon, Oct 23, 2006 at 11:04:35PM +0200, Sylvain Beucler wrote: > >> >> On Wed, Oct 18, 2006 at 05:24:51PM +0200, [EMAIL PROTECTED] wrote: > >> >> > ...doesnt seem to interact well during login. > >> >> > Any workarounds for this? > >> >> > >> >> I don't have work-arounds, but I'd be glad to better understand the > >> >> source of this issue. I can reproduce it here, and apparently w3m is > >> >> redirecting to the same URL in an endless loop (until the w3m max > >> >> redirect is hit) - or so it seems. > >> > > >> > A bug was introduced, happening where when cookies were rejected > >> > sv.nongnu.org while using the 'log to browser website' feature. > >> > > >> > This is fixed - I made the cookie detection before the login form is > >> > submitted, using HTTP redirections, so the user is immediately told > >> > about it. > >> > > >> > > >> > So you should be able to login using w3m. > >> > > >> > I tried, but it complained about the fact our TLS certificate is not > >> > signed by one of its Certificate Authority, and I couldn't find the > >> > option to disable this :) so I didn't test. > >> > > >> > -- > >> > Sylvain > >> > >> -- > >> Joakim Verona > > -- > Joakim Verona > http://www.verona.se _______________________________________________ Savannah-users mailing list [email protected] http://lists.gnu.org/mailman/listinfo/savannah-users
