Re: Apache::Cooke & reserved chars
darren chamberlain wrote: > [EMAIL PROTECTED] <[EMAIL PROTECTED]> said something to this effect on >12/18/2001: > >>>Use escape_uri and unescape_uri, or some other pair of reversable >>>functions. For example, store it as: >>> >>Tried this and it appears that Apache::Util escapes the same >>characters that Apache::Cookie does when it prepares this >>cookie. Problem is that it wont pull the ampersands back in. >>I'm assuming the thinking is that Apache::Cookie shoud be able >>to decode a string it encodes. I'm running an older version of >>mod_perl (1.24_01), wondering if anybody knows if this issue >>has been seen before, and if it's been fixed in more recent >>versions. >> > > URI::Escape::uri_escape allows you to pass a list of "unsafe" > characters as the optional second argument (although > Apache::Util::unescape_uri does not; see src/main/util.c in the > apache source for why). Here is an updated version of my > previous example (trimmed; the value for $url is the one you gave > in the original message): > > use URI::Escape; > my $url = >q|http://www.newsfactor.com/x.pl?action=reply_form_html&board=nfntalkback&id=3288|; > my $escaped = uri_escape($url, '\x00-\xff'); > > Now, $escaped looks like: > > >%68%74%74%70%3A%2F%2F%77%77%77%2E%6E%65%77%73%66%61%63%74%6F%72%2E%63%6F%6D%2F%78%78%78%78%78%2E%70%6C%3F%61%63%74%69%6F%6E%3D%72%65%70%6C%79%5F%66%6F%72%6D%5F%68%74%6D%6C%26%62%6F%61%72%64%3D%6E%66%6E%74%61%6C%6B%62%61%63%6B%26%69%64%3D%33%32%38%38 > > This should be OK as a cookie value. The value of $escaped is > easily retrievable with: > > my $unescaped = uri_unescape($escaped); > > The only problem, such as it may be, is that the version in > URI::Escape pure perl, and therefore slower than the version in > Apache::Util. > > (darren) > > Yeah I don't wanna have to load up URI::Escape, I'm just doing a s/&/___/g and doing the inverse after receiving the URL on the other end. Does anybody know why Apache::Cookie is barfing on the ampersands? I looked at the RFC yesterday and ampersand is not listed as unsafe. Btw, thanks for your suggestions darren. -- -- Daniel Bohling NewsFactor Network
Re: Apache::Cooke & reserved chars
[EMAIL PROTECTED] <[EMAIL PROTECTED]> said something to this effect on 12/18/2001: > > Use escape_uri and unescape_uri, or some other pair of reversable > > functions. For example, store it as: > > Tried this and it appears that Apache::Util escapes the same > characters that Apache::Cookie does when it prepares this > cookie. Problem is that it wont pull the ampersands back in. > I'm assuming the thinking is that Apache::Cookie shoud be able > to decode a string it encodes. I'm running an older version of > mod_perl (1.24_01), wondering if anybody knows if this issue > has been seen before, and if it's been fixed in more recent > versions. URI::Escape::uri_escape allows you to pass a list of "unsafe" characters as the optional second argument (although Apache::Util::unescape_uri does not; see src/main/util.c in the apache source for why). Here is an updated version of my previous example (trimmed; the value for $url is the one you gave in the original message): use URI::Escape; my $url = q|http://www.newsfactor.com/x.pl?action=reply_form_html&board=nfntalkback&id=3288|; my $escaped = uri_escape($url, '\x00-\xff'); Now, $escaped looks like: %68%74%74%70%3A%2F%2F%77%77%77%2E%6E%65%77%73%66%61%63%74%6F%72%2E%63%6F%6D%2F%78%78%78%78%78%2E%70%6C%3F%61%63%74%69%6F%6E%3D%72%65%70%6C%79%5F%66%6F%72%6D%5F%68%74%6D%6C%26%62%6F%61%72%64%3D%6E%66%6E%74%61%6C%6B%62%61%63%6B%26%69%64%3D%33%32%38%38 This should be OK as a cookie value. The value of $escaped is easily retrievable with: my $unescaped = uri_unescape($escaped); The only problem, such as it may be, is that the version in URI::Escape pure perl, and therefore slower than the version in Apache::Util. (darren) -- I invented the term "Object-Oriented", and I can tell you, I didn't have C++ in mind. -- Alan Kay
Re: Apache::Cooke & reserved chars
darren chamberlain wrote:
> [EMAIL PROTECTED] <[EMAIL PROTECTED]> said something to this effect on
>12/17/2001:
>
>>I'm recording a url at the beginning of an app to restore the
>>entrance url:
>>
>>sub set_referer {
>> my $self = shift;
>> if ($self->{R}) {
>> require Apache::Cookie;
>>
>> my $cookie = Apache::Cookie->new($self->{R},
>> -name=> "REFERER",
>> -value => $self->{R}->header_in('Referer'),
>> -expires => '2d',
>> -domain => ".$NFN::sites{$ENV{SITE}}{domain}",
>> -path=> '/'
>> );
>> $cookie->bake;
>> }
>>
>>}
>>
>>
>>Which stores the cookie portion like so:
>>
>>REFERER=http://www.newsfactor.com/x.pl%3faction=reply_form_html&board=nfntalkback&id=3288
>>
>>However when I pull this back in with Apache::Cookie->fetch,
>>the data then reads:
>>
>>http://www.newsfactor.com/x.pl?action=reply_form_html
>>
>>Apache::Cookie seems to be stripping out the portion after the first
>>ampersand.
>>
>>Anybody know what do do here?
>>
>
> Use escape_uri and unescape_uri, or some other pair of reversable
> functions. For example, store it as:
>
> use Apache::Util qw(escape_uri unescape_uri);
> sub set_referer {
> my $self = shift;
> if ($self->{R}) {
> require Apache::Cookie;
>
> my $cookie = Apache::Cookie->new($self->{R},
> -name=> "REFERER",
> -value => escape_uri($self->{R}->header_in('Referer')),
> -expires => '2d',
> -domain => ".$NFN::sites{$ENV{SITE}}{domain}",
> -path=> '/'
> );
> $cookie->bake;
> }
>
> }
>
> And then fetch it as:
>
> my $value = unescape_uri($cookies{'REFERER'});
>
> (darren)
>
>
Thanks darren,
Tried this and it appears that Apache::Util escapes the same characters
that Apache::Cookie does when it prepares this cookie. Problem is that
it wont pull the ampersands back in. I'm assuming the thinking is that
Apache::Cookie shoud be able to decode a string it encodes. I'm running
an older version of mod_perl (1.24_01), wondering if anybody knows if
this issue has been seen before, and if it's been fixed in more recent
versions.
--
--
Daniel Bohling
NewsFactor Network
Re: Apache::Cooke & reserved chars
[EMAIL PROTECTED] <[EMAIL PROTECTED]> said something to this effect on
12/17/2001:
> I'm recording a url at the beginning of an app to restore the
> entrance url:
>
> sub set_referer {
> my $self = shift;
> if ($self->{R}) {
> require Apache::Cookie;
>
> my $cookie = Apache::Cookie->new($self->{R},
> -name=> "REFERER",
> -value => $self->{R}->header_in('Referer'),
> -expires => '2d',
> -domain => ".$NFN::sites{$ENV{SITE}}{domain}",
> -path=> '/'
> );
> $cookie->bake;
> }
>
> }
>
>
> Which stores the cookie portion like so:
>
>
>REFERER=http://www.newsfactor.com/x.pl%3faction=reply_form_html&board=nfntalkback&id=3288
>
> However when I pull this back in with Apache::Cookie->fetch,
> the data then reads:
>
> http://www.newsfactor.com/x.pl?action=reply_form_html
>
> Apache::Cookie seems to be stripping out the portion after the first
> ampersand.
>
> Anybody know what do do here?
Use escape_uri and unescape_uri, or some other pair of reversable
functions. For example, store it as:
use Apache::Util qw(escape_uri unescape_uri);
sub set_referer {
my $self = shift;
if ($self->{R}) {
require Apache::Cookie;
my $cookie = Apache::Cookie->new($self->{R},
-name=> "REFERER",
-value => escape_uri($self->{R}->header_in('Referer')),
-expires => '2d',
-domain => ".$NFN::sites{$ENV{SITE}}{domain}",
-path=> '/'
);
$cookie->bake;
}
}
And then fetch it as:
my $value = unescape_uri($cookies{'REFERER'});
(darren)
--
Men are from earth. Women are from earth. Deal with it.
Apache::Cooke & reserved chars
Hi all,
I'm recording a url at the beginning of an app to restore the
entrance url:
sub set_referer {
my $self = shift;
if ($self->{R}) {
require Apache::Cookie;
my $cookie = Apache::Cookie->new($self->{R},
-name=> "REFERER",
-value => $self->{R}->header_in('Referer'),
-expires => '2d',
-domain => ".$NFN::sites{$ENV{SITE}}{domain}",
-path=> '/'
);
$cookie->bake;
}
}
Which stores the cookie portion like so:
REFERER=http://www.newsfactor.com/x.pl%3faction=reply_form_html&board=nfntalkback&id=3288
However when I pull this back in with Apache::Cookie->fetch,
the data then reads:
http://www.newsfactor.com/x.pl?action=reply_form_html
Apache::Cookie seems to be stripping out the portion after the first
ampersand.
Anybody know what do do here?
Thanks in advance,
--
--
Daniel Bohling
NewsFactor Network
