Re: Apache2::AuthCookie - semantics of WhatEverPath parameter?
On 7/27/2015 10:30 AM, Jim Garrison wrote: > Every example for Apache2::AuthCookie shows > > ... > WhatEverPath / > ... > That should of course be PerlSetVar WhatEverPath / -- Jim Garrison (j...@acm.org) PGP Keys at http://www.jhmg.net RSA 0x04B73B7F DH 0x70738D88
Re: Apache2::AuthCookie - semantics of WhatEverPath parameter?
It is the path part of a URL. The HTML Cookie specification defines it, and this is AuthCookie's way of letting you set it. If the request domain + path doesn't match those set in the cookie, then the browser won't send the cookie to the server. When using cookies for non-auth purposes, there are lots of cases where you would want something more specific than / (to set a preference specific to an add at some.web.site/some/app, for example). You're right that, for auth, it's hard to imagine when you wouldn't want to just leave it as /. ...Steve -- Steve van der Burg Information Technology Services London Health Sciences Centre & St. Joseph's Health Care London (519) 685-8500 ext 35559 steve.vanderb...@lhsc.on.ca Jim Garrison wrote: > Every example for Apache2::AuthCookie shows > > ... > WhatEverPath / > ... > > but I can find nothing that explains what the value "/" represents. > Is it a URI? Later in the sample configs we see URIs to which > protection applies are defined by or tags, > > How does the value of this parameter affect the behavior of AuthCookie, > and under what circumstances would its value not be "/"? > > Thanks > > -- > Jim Garrison (j...@acm.org) > PGP Keys at http://www.jhmg.net RSA 0x04B73B7F DH 0x70738D88 This information is directed in confidence solely to the person named above and may contain confidential and/or privileged material. This information may not otherwise be distributed, copied or disclosed. If you have received this e-mail in error, please notify the sender immediately via a return e-mail and destroy original message. Thank you for your cooperation.
Re: Apache2::AuthCookie - semantics of WhatEverPath parameter?
On Mon, 27 Jul 2015 10:30:11 -0700 Jim Garrison wrote: > Every example for Apache2::AuthCookie shows > > ... > WhatEverPath / > ... > > but I can find nothing that explains what the value "/" represents. > Is it a URI? Later in the sample configs we see URIs to which > protection applies are defined by or tags, > > How does the value of this parameter affect the behavior of AuthCookie, > and under what circumstances would its value not be "/"? > It's a path; see : https://en.wikipedia.org/wiki/HTTP_cookie#Domain_and_Path -- Salutations, Vincent Veyron https://legalcase.libremen.com/ Legal case, contract and insurance claim management software
Re: Apache2::AuthCookie - semantics of WhatEverPath parameter?
On 7/27/15 12:30 PM, Jim Garrison wrote: > Every example for Apache2::AuthCookie shows > > ... > WhatEverPath / > ... AuthCookie maintainer here. Its the path that will be sent in the HTTP Cookie. As already mentioned by others is the path component of the cookie. If you set a cookie with path=/foo for example, that cookie is only supposed to be sent by the client for urls that begin with /foo. For example if you have a directory called /secure, and you only require AuthCookie authentication to access urls under this directory, you might set the path to /secure Regards, Michael Schout
[Rusonyx #1409052]: Re: Apache2::AuthCookie - semantics of WhatEverPath parameter?
Michael Schout, Вы написали в компанию Русоникс и это письмо является автоматическим подтверждением того, что Ваша заявка поступила в очередь на обработку. Мы ответим на Ваш запрос по возможности максимально быстро. ID Заявки: 1409052 Тема: Re: Apache2::AuthCookie - semantics of WhatEverPath parameter? Отдел: Support Тип: Issue Статус: Open Приоритет: Medium С уважением ООО Русоникс www.rusonyx.ru Rusonyx -- Портал технической поддержки: https://support.rusonyx.ru/index.php?
