Re: Apache::Cooke & reserved chars
darren chamberlain wrote: > [EMAIL PROTECTED] <[EMAIL PROTECTED]> said something to this effect on >12/18/2001: > >>>Use escape_uri and unescape_uri, or some other pair of reversable >>>functions. For example, store it as: >>> >>Tried this and it appears that Apache::Util escapes the same >>characters that Apache::Cookie does when it prepares this >>cookie. Problem is that it wont pull the ampersands back in. >>I'm assuming the thinking is that Apache::Cookie shoud be able >>to decode a string it encodes. I'm running an older version of >>mod_perl (1.24_01), wondering if anybody knows if this issue >>has been seen before, and if it's been fixed in more recent >>versions. >> > > URI::Escape::uri_escape allows you to pass a list of "unsafe" > characters as the optional second argument (although > Apache::Util::unescape_uri does not; see src/main/util.c in the > apache source for why). Here is an updated version of my > previous example (trimmed; the value for $url is the one you gave > in the original message): > > use URI::Escape; > my $url = >q|http://www.newsfactor.com/x.pl?action=reply_form_html&board=nfntalkback&id=3288|; > my $escaped = uri_escape($url, '\x00-\xff'); > > Now, $escaped looks like: > > >%68%74%74%70%3A%2F%2F%77%77%77%2E%6E%65%77%73%66%61%63%74%6F%72%2E%63%6F%6D%2F%78%78%78%78%78%2E%70%6C%3F%61%63%74%69%6F%6E%3D%72%65%70%6C%79%5F%66%6F%72%6D%5F%68%74%6D%6C%26%62%6F%61%72%64%3D%6E%66%6E%74%61%6C%6B%62%61%63%6B%26%69%64%3D%33%32%38%38 > > This should be OK as a cookie value. The value of $escaped is > easily retrievable with: > > my $unescaped = uri_unescape($escaped); > > The only problem, such as it may be, is that the version in > URI::Escape pure perl, and therefore slower than the version in > Apache::Util. > > (darren) > > Yeah I don't wanna have to load up URI::Escape, I'm just doing a s/&/___/g and doing the inverse after receiving the URL on the other end. Does anybody know why Apache::Cookie is barfing on the ampersands? I looked at the RFC yesterday and ampersand is not listed as unsafe. Btw, thanks for your suggestions darren. -- -- Daniel Bohling NewsFactor Network
Re: Apache::Cooke & reserved chars
[EMAIL PROTECTED] <[EMAIL PROTECTED]> said something to this effect on 12/18/2001: > > Use escape_uri and unescape_uri, or some other pair of reversable > > functions. For example, store it as: > > Tried this and it appears that Apache::Util escapes the same > characters that Apache::Cookie does when it prepares this > cookie. Problem is that it wont pull the ampersands back in. > I'm assuming the thinking is that Apache::Cookie shoud be able > to decode a string it encodes. I'm running an older version of > mod_perl (1.24_01), wondering if anybody knows if this issue > has been seen before, and if it's been fixed in more recent > versions. URI::Escape::uri_escape allows you to pass a list of "unsafe" characters as the optional second argument (although Apache::Util::unescape_uri does not; see src/main/util.c in the apache source for why). Here is an updated version of my previous example (trimmed; the value for $url is the one you gave in the original message): use URI::Escape; my $url = q|http://www.newsfactor.com/x.pl?action=reply_form_html&board=nfntalkback&id=3288|; my $escaped = uri_escape($url, '\x00-\xff'); Now, $escaped looks like: %68%74%74%70%3A%2F%2F%77%77%77%2E%6E%65%77%73%66%61%63%74%6F%72%2E%63%6F%6D%2F%78%78%78%78%78%2E%70%6C%3F%61%63%74%69%6F%6E%3D%72%65%70%6C%79%5F%66%6F%72%6D%5F%68%74%6D%6C%26%62%6F%61%72%64%3D%6E%66%6E%74%61%6C%6B%62%61%63%6B%26%69%64%3D%33%32%38%38 This should be OK as a cookie value. The value of $escaped is easily retrievable with: my $unescaped = uri_unescape($escaped); The only problem, such as it may be, is that the version in URI::Escape pure perl, and therefore slower than the version in Apache::Util. (darren) -- I invented the term "Object-Oriented", and I can tell you, I didn't have C++ in mind. -- Alan Kay
Re: Apache::Cooke & reserved chars
darren chamberlain wrote: > [EMAIL PROTECTED] <[EMAIL PROTECTED]> said something to this effect on >12/17/2001: > >>I'm recording a url at the beginning of an app to restore the >>entrance url: >> >>sub set_referer { >> my $self = shift; >> if ($self->{R}) { >> require Apache::Cookie; >> >> my $cookie = Apache::Cookie->new($self->{R}, >> -name=> "REFERER", >> -value => $self->{R}->header_in('Referer'), >> -expires => '2d', >> -domain => ".$NFN::sites{$ENV{SITE}}{domain}", >> -path=> '/' >> ); >> $cookie->bake; >> } >> >>} >> >> >>Which stores the cookie portion like so: >> >>REFERER=http://www.newsfactor.com/x.pl%3faction=reply_form_html&board=nfntalkback&id=3288 >> >>However when I pull this back in with Apache::Cookie->fetch, >>the data then reads: >> >>http://www.newsfactor.com/x.pl?action=reply_form_html >> >>Apache::Cookie seems to be stripping out the portion after the first >>ampersand. >> >>Anybody know what do do here? >> > > Use escape_uri and unescape_uri, or some other pair of reversable > functions. For example, store it as: > > use Apache::Util qw(escape_uri unescape_uri); > sub set_referer { > my $self = shift; > if ($self->{R}) { > require Apache::Cookie; > > my $cookie = Apache::Cookie->new($self->{R}, > -name=> "REFERER", > -value => escape_uri($self->{R}->header_in('Referer')), > -expires => '2d', > -domain => ".$NFN::sites{$ENV{SITE}}{domain}", > -path=> '/' > ); > $cookie->bake; > } > > } > > And then fetch it as: > > my $value = unescape_uri($cookies{'REFERER'}); > > (darren) > > Thanks darren, Tried this and it appears that Apache::Util escapes the same characters that Apache::Cookie does when it prepares this cookie. Problem is that it wont pull the ampersands back in. I'm assuming the thinking is that Apache::Cookie shoud be able to decode a string it encodes. I'm running an older version of mod_perl (1.24_01), wondering if anybody knows if this issue has been seen before, and if it's been fixed in more recent versions. -- -- Daniel Bohling NewsFactor Network
Re: Apache::Cooke & reserved chars
[EMAIL PROTECTED] <[EMAIL PROTECTED]> said something to this effect on 12/17/2001: > I'm recording a url at the beginning of an app to restore the > entrance url: > > sub set_referer { > my $self = shift; > if ($self->{R}) { > require Apache::Cookie; > > my $cookie = Apache::Cookie->new($self->{R}, > -name=> "REFERER", > -value => $self->{R}->header_in('Referer'), > -expires => '2d', > -domain => ".$NFN::sites{$ENV{SITE}}{domain}", > -path=> '/' > ); > $cookie->bake; > } > > } > > > Which stores the cookie portion like so: > > >REFERER=http://www.newsfactor.com/x.pl%3faction=reply_form_html&board=nfntalkback&id=3288 > > However when I pull this back in with Apache::Cookie->fetch, > the data then reads: > > http://www.newsfactor.com/x.pl?action=reply_form_html > > Apache::Cookie seems to be stripping out the portion after the first > ampersand. > > Anybody know what do do here? Use escape_uri and unescape_uri, or some other pair of reversable functions. For example, store it as: use Apache::Util qw(escape_uri unescape_uri); sub set_referer { my $self = shift; if ($self->{R}) { require Apache::Cookie; my $cookie = Apache::Cookie->new($self->{R}, -name=> "REFERER", -value => escape_uri($self->{R}->header_in('Referer')), -expires => '2d', -domain => ".$NFN::sites{$ENV{SITE}}{domain}", -path=> '/' ); $cookie->bake; } } And then fetch it as: my $value = unescape_uri($cookies{'REFERER'}); (darren) -- Men are from earth. Women are from earth. Deal with it.
Apache::Cooke & reserved chars
Hi all, I'm recording a url at the beginning of an app to restore the entrance url: sub set_referer { my $self = shift; if ($self->{R}) { require Apache::Cookie; my $cookie = Apache::Cookie->new($self->{R}, -name=> "REFERER", -value => $self->{R}->header_in('Referer'), -expires => '2d', -domain => ".$NFN::sites{$ENV{SITE}}{domain}", -path=> '/' ); $cookie->bake; } } Which stores the cookie portion like so: REFERER=http://www.newsfactor.com/x.pl%3faction=reply_form_html&board=nfntalkback&id=3288 However when I pull this back in with Apache::Cookie->fetch, the data then reads: http://www.newsfactor.com/x.pl?action=reply_form_html Apache::Cookie seems to be stripping out the portion after the first ampersand. Anybody know what do do here? Thanks in advance, -- -- Daniel Bohling NewsFactor Network