[Rusonyx #1409052]: Re: Apache2::AuthCookie - semantics of WhatEverPath parameter?
Michael Schout, Вы написали в компанию Русоникс и это письмо является автоматическим подтверждением того, что Ваша заявка поступила в очередь на обработку. Мы ответим на Ваш запрос по возможности максимально быстро. ID Заявки: 1409052 Тема: Re: Apache2::AuthCookie - semantics of WhatEverPath parameter? Отдел: Support Тип: Issue Статус: Open Приоритет: Medium С уважением ООО Русоникс www.rusonyx.ru Rusonyx -- Портал технической поддержки: https://support.rusonyx.ru/index.php?
Re: Apache2::AuthCookie - semantics of WhatEverPath parameter?
On 7/27/15 12:30 PM, Jim Garrison wrote: > Every example for Apache2::AuthCookie shows > > ... > WhatEverPath / > ... AuthCookie maintainer here. Its the path that will be sent in the HTTP Cookie. As already mentioned by others is the path component of the cookie. If you set a cookie with path=/foo for example, that cookie is only supposed to be sent by the client for urls that begin with /foo. For example if you have a directory called /secure, and you only require AuthCookie authentication to access urls under this directory, you might set the path to /secure Regards, Michael Schout
Re: Apache2::AuthCookie - semantics of WhatEverPath parameter?
On Mon, 27 Jul 2015 10:30:11 -0700 Jim Garrison wrote: > Every example for Apache2::AuthCookie shows > > ... > WhatEverPath / > ... > > but I can find nothing that explains what the value "/" represents. > Is it a URI? Later in the sample configs we see URIs to which > protection applies are defined by or tags, > > How does the value of this parameter affect the behavior of AuthCookie, > and under what circumstances would its value not be "/"? > It's a path; see : https://en.wikipedia.org/wiki/HTTP_cookie#Domain_and_Path -- Salutations, Vincent Veyron https://legalcase.libremen.com/ Legal case, contract and insurance claim management software
Re: Apache2::AuthCookie - semantics of WhatEverPath parameter?
It is the path part of a URL. The HTML Cookie specification defines it, and this is AuthCookie's way of letting you set it. If the request domain + path doesn't match those set in the cookie, then the browser won't send the cookie to the server. When using cookies for non-auth purposes, there are lots of cases where you would want something more specific than / (to set a preference specific to an add at some.web.site/some/app, for example). You're right that, for auth, it's hard to imagine when you wouldn't want to just leave it as /. ...Steve -- Steve van der Burg Information Technology Services London Health Sciences Centre & St. Joseph's Health Care London (519) 685-8500 ext 35559 steve.vanderb...@lhsc.on.ca Jim Garrison wrote: > Every example for Apache2::AuthCookie shows > > ... > WhatEverPath / > ... > > but I can find nothing that explains what the value "/" represents. > Is it a URI? Later in the sample configs we see URIs to which > protection applies are defined by or tags, > > How does the value of this parameter affect the behavior of AuthCookie, > and under what circumstances would its value not be "/"? > > Thanks > > -- > Jim Garrison (j...@acm.org) > PGP Keys at http://www.jhmg.net RSA 0x04B73B7F DH 0x70738D88 This information is directed in confidence solely to the person named above and may contain confidential and/or privileged material. This information may not otherwise be distributed, copied or disclosed. If you have received this e-mail in error, please notify the sender immediately via a return e-mail and destroy original message. Thank you for your cooperation.
Re: Apache2::AuthCookie - semantics of WhatEverPath parameter?
On 7/27/2015 10:30 AM, Jim Garrison wrote: > Every example for Apache2::AuthCookie shows > > ... > WhatEverPath / > ... > That should of course be PerlSetVar WhatEverPath / -- Jim Garrison (j...@acm.org) PGP Keys at http://www.jhmg.net RSA 0x04B73B7F DH 0x70738D88
Apache2::AuthCookie - semantics of WhatEverPath parameter?
Every example for Apache2::AuthCookie shows ... WhatEverPath / ... but I can find nothing that explains what the value "/" represents. Is it a URI? Later in the sample configs we see URIs to which protection applies are defined by or tags, How does the value of this parameter affect the behavior of AuthCookie, and under what circumstances would its value not be "/"? Thanks -- Jim Garrison (j...@acm.org) PGP Keys at http://www.jhmg.net RSA 0x04B73B7F DH 0x70738D88