Debugging Tips (Was Re: Cookies, CGI::App, and mod_perl)

2003-08-03 Thread Larry Leszczynski

> > Do some debugging.  Look at the traffic going back and forth.  Test it
> > with GET or lynx.  See if the cookie header is being sent.
> 
> To elaborate a little on this thread:
> 
> I find ethereal <http://www.ethereal.com/> useful for debugging
> situations like this.  Certain browsers (that I won't name) behave in
> quirky ways that GET or lynx won't emulate, so it's often worth
> running ethereal in the background whilst using your site with various
> browsers, then analysing TCP streams in ethereal to see exactly what's
> happening.

PlugProxy is also very good for this type of debugging:

   http://www.bbzzdd.com/plugproxy/

For just examining the HTTP request/response I find it easier and more
straighforward to use than Ethereal.  (The screen shot on their home page
shows an HTTP exchange with hex mode turned on, it's actually much easier
to read with hex mode turned off.)

A tip for cookie testing when using PlugProxy (or similar proxying tools,
I suppose):  Generally you need to make sure you're making requests
against the correct domain name for your browser to handle the cookies
correctly.  For example, if you set up PlugProxy on your desktop like so:

   Host:www.example.org
   Remote Port: 80
   Local Port:  

then you should be able to use you browser to hit the home page with this:

   http://localhost:/

*but* the browser won't send the cookies that would normally be sent to
"example.org".  The fix is to make it look like localhost is part of
"example.org", and then make the request like this instead:

   http://localhost.example.org:/

You can put something like this:

   127.0.0.1   localhost.example.org  localhost

in /etc/hosts (or \System32\drivers\etc\hosts).


Larry Leszczynski
[EMAIL PROTECTED]




Re: Cookies, CGI::App, and mod_perl

2003-08-03 Thread Tom Hukins
On Fri, Aug 01, 2003 at 01:14:44PM -0400, Perrin Harkins wrote:
> On Fri, 2003-08-01 at 13:04, petersm wrote:
> > When running under mod_perl the cookie is no
> > where to be seen.
> 
> Do some debugging.  Look at the traffic going back and forth.  Test it
> with GET or lynx.  See if the cookie header is being sent.

To elaborate a little on this thread:

I find ethereal  useful for debugging
situations like this.  Certain browsers (that I won't name) behave in
quirky ways that GET or lynx won't emulate, so it's often worth
running ethereal in the background whilst using your site with various
browsers, then analysing TCP streams in ethereal to see exactly what's
happening.

Tom


Re: Cookies, CGI::App, and mod_perl

2003-08-01 Thread Perrin Harkins
[ Please keep it on the list... ]

On Fri, 2003-08-01 at 14:06, petersm wrote:
> Perrin Harkins <[EMAIL PROTECTED]> wrote
> > Do some debugging.  Look at the traffic going back and forth.  Test 
> > it with GET or lynx.  See if the cookie header is being sent.
> 
> Thanks for the suggestion. I used wget and tried it with the mod_perl stuff in
> the config and without. Without, wget gave me the header with the cookie.
> With, wget did not have a cookie in the header. Both returned the correct HTML.
> Maybe some a glance at my config file could help. So here's the relavant
> portion. Thanks...
> 
> 
> PerlModule Apache::StatINC
> 
> AddHandler perl-script .cgi
> PerlHandler Apache::Registry
> PerlSendHeader On
> allow from all
> PerlInitHandler Apache::StatINC
> PerlSetVar StatINCDebug On
> PerlSetEnv PERL5LIB /development/operations/projects/
> 

That looks okay to me.  Maybe it's something about the way you've
structured your code.  Try reducing it down to a small snippet that you
can post.  You may also want to ask on the CGI::Application list.

- Perrin


Re: Cookies, CGI::App, and mod_perl

2003-08-01 Thread Perrin Harkins
On Fri, 2003-08-01 at 13:04, petersm wrote:
> When running under mod_perl the cookie is no
> where to be seen.

Do some debugging.  Look at the traffic going back and forth.  Test it
with GET or lynx.  See if the cookie header is being sent.

> If I understand this correctly, then C::A uses CGI to set
> the cookie and CGI should set it correctly if I'm running under mod_perl right?

Right, although I don't think C::A knows or cares at all about cookies. 
This is just between you and CGI.pm.

> I've seen a lot on forums to use Apache::Cookie, but how do I do that within C::A?

You don't need to use Apache::Cookie, but if you want to you should be
able to use it in the normal documented way.  C::A should not have any
bearing on this.

- Perrin


Cookies, CGI::App, and mod_perl

2003-08-01 Thread petersm
Hello all,

I am using CGI::App 3.1, Apache 1.3.27 and mod_perl 1.28

Here's the problem. I'm trying to set a cookie (using CGI's cookie method and
C::A's header_props method). When the site was running non mod_perl there was
no problem. The cookie was set. When running under mod_perl the cookie is no
where to be seen. If I understand this correctly, then C::A uses CGI to set
the cookie and CGI should set it correctly if I'm running under mod_perl right?
I've seen a lot on forums to use Apache::Cookie, but how do I do that within C::A?

Any ideas would be appreciated.
Thanks

Michael Peters
Venzia 


Re: cookies and POST in pure MP2?

2003-07-23 Thread Stas Bekman
Carl Brewer wrote:


Egor Korablev wrote:

Hi

How can I write and get cookies and get POST data (text) under MP2 
handler
without using apache::compat?


You can either use libapreq, which is _almost_ there :)
or hack yuor own bits up cribbed from CGI.pm or the test
stuff in the mp2 test suite.  That's what I'm using at the
moment while assisting as best I can with the libapreq development.
If you look through the archives for this list you'll find lots
of useful bits & pieces.
probably you can just use CGI.pm. Carl doesn't want to use it, so he had to go 
to the pains to extract the wanted bits from it ;)

make sure that you are using the latest CGI.pm.



__
Stas BekmanJAm_pH --> Just Another mod_perl Hacker
http://stason.org/ mod_perl Guide ---> http://perl.apache.org
mailto:[EMAIL PROTECTED] http://use.perl.org http://apacheweek.com
http://modperlbook.org http://apache.org   http://ticketmaster.com


Re: cookies and POST in pure MP2?

2003-07-23 Thread Carl Brewer


Egor Korablev wrote:

Hi

How can I write and get cookies and get POST data (text) under MP2 handler
without using apache::compat?
You can either use libapreq, which is _almost_ there :)
or hack yuor own bits up cribbed from CGI.pm or the test
stuff in the mp2 test suite.  That's what I'm using at the
moment while assisting as best I can with the libapreq development.
If you look through the archives for this list you'll find lots
of useful bits & pieces.
Carl






cookies and POST in pure MP2?

2003-07-23 Thread Egor Korablev
Hi

How can I write and get cookies and get POST data (text) under MP2 handler
without using apache::compat?

Thx

ps sorry for my english



Re: Getting list of all cookies available?

2003-07-19 Thread Iphigenie

>Is there a way to get the list of available cookies from Apache::ASP
>or mod_perl?


Now I am not the most expert at mod_perl, still a newbie myself

Here's how i have done i when i needed to see the whole list to find out what was 
going on with a cookie not working

use Apache::Cookie;
my %allcookies = Apache::Cookie->fetch;

This will give you all the cookies the browser sends for the URL.
You can get the list through 'keys %allcookies', test for the presence of a cookie 
with 'exists $allcookies{'somestring'}'

Apache::Cookie comes with Apache::Request in libapreq, if i recall correctly (someone 
will correct me if i am wrong)

-- Iphigenie, [EMAIL PROTECTED] on 19/07/2003



Getting list of all cookies available?

2003-07-18 Thread greg
I'm using Apache 1.3.27, mod_perl 1.28, and Apache::ASP 2.53 (+ mod_ssl,
all on cygwin).

I know how I can get and set cookies in Apache:ASP, this is no problem.
What I am trying to figure out is how to get a list of cookies that are
available.

Is there a way to get the list of available cookies from Apache::ASP or
mod_perl? Or should I just use the HTTP_COOKIE variable and parse that to
get my list?

Thanks,
Greg



Re: cookies

2003-07-16 Thread Dennis Stout
WOOO!

I went to the ttms site, logged in, AND IT AUTHNTICATED ME AND GAVE ME PAGES!!
:D

Aight,  is on me tonight :D

I can't beleive it!  3 weeks on this bloody thing and I got it to finally
Authenticat me =D

Course, I had to disable things in order to get it to give me a cookie to
authenticate with, but a few if's will fix that :D

I'm happy, I'm happy, I'm happy!  I might actually meet deadline :D

w00t!

er...  *ahem*

My thanks to all of you, and special thanks to Mark who helped me the most :D

Dennis



Re: cookies

2003-07-16 Thread Dennis Stout
> Cool dude. Now if you know why $r->pnotes() isn't working under
> apache/modperl .27 you'll make my day!

Got some source code to show me what you're doing with it?

Otherwise I'll just have to cut and paste the mod_perl API book to you ;)
hehehehe.

Dennis




Re: cookies

2003-07-16 Thread Mark Maunder
Cool dude. Now if you know why $r->pnotes() isn't working under
apache/modperl .27 you'll make my day! 

:wq

On Wed, 2003-07-16 at 21:42, Dennis Stout wrote:
> w00t!
> 
> ttms_user: mp2Ti5p1JkhCObm9LKBFGsiAltop8aAWwl6vLLDr/3rtb09MRzZrEg==
> 
> Here,
> 
> your $cookie = Apache::Cookie->new($state->{r},
> -name   => 'Mark',
> -value  => 'AWESOME!!!',
> -expires=> time + 86400*30*7,
> -domain => '.dyndns.org',
> -path   => '/',
> );
> 
> (okay, I made up "your", it sounds better than "my", and sinec this is fake
> nayways... heh)
> 
> oop, looking at that, I should set the domain to something more sane again,
> like stout.dyndns.org.  :P
> 
> Dennis
> 
> P.S. Does anyone else try to use Outlook Express like vi and get odd error
> messages after a days worth of coding?
> 
> - Original Message - 
> From: "Mark Maunder" <[EMAIL PROTECTED]>
> To: "Dennis Stout" <[EMAIL PROTECTED]>
> Cc: <[EMAIL PROTECTED]>
> Sent: Wednesday, July 16, 2003 20 33
> Subject: Re: cookies
> 
> 
> > >From perldoc CGI::Cookie
> > # fetch existing cookies
> > %cookies = fetch CGI::Cookie;
> > $id = $cookies{'ID'}->value;
> > #You're doing $cookies->value;
> >
> > ID == the name that you used when you set the cookie.
> >
> > On Wed, 2003-07-16 at 21:27, Dennis Stout wrote:
> > > *pounds head against brick wall*  why must it work against me???
> > >
> > > A cookie for anyone who solves this.
> > >
> > > sub handler {
> > > my $r = shift;
> > > my $result = undef;
> > >
> > > eval { $result = inner_handler($r) };
> > > return $result unless $@;
> > >
> > > warn "Uncaught Exception: $@";
> > >
> > > return SERVER_ERROR;
> > > }
> > >
> > > sub inner_handler {
> > > my $r = shift;
> > >
> > > my %q = ($r->args, $r->content);
> > > my %state = (r => $r, q => \%q);
> > >
> > > $state{title} = '';
> > > $state{template} = '';
> > > $state{auth_status} = password_boxes(\%state);
> > >
> > > #   warn "%ENV: \n";
> > > #   foreach (keys %ENV) {
> > > #   warn "$_ => $ENV{$_}\n";
> > > #   }
> > > #   my %headers = $r->headers_in;
> > > #   warn "Headers: \n";
> > > #   foreach (keys %headers) {
> > > #   warn "$_: $headers{$_}\n";
> > > #   }
> > > my $cookie = Apache::Cookie->fetch;
> > > warn "z - $cookie->value";
> > > validate_auth_cookie(\%state, $cookie);
> > >
> > > my $function = $r->uri;
> > > if (($state{login_user} eq '') and ($function ne '/login.cgi')) {
> > > $function = '/login.html';
> > > }
> > > my $func = $Dispatch{$function} || $Dispatch{DEFAULT};
> > >
> > > return DECLINED unless $func;
> > > return $func->(\%state);
> > > }
> > >
> > > Upon accessing a page (therefore generating lots of warning info in
> logs...) I
> > > get this in my error log.
> > >
> > > z - HASH(0x916ea08)->value at /home/httpd/ttms/perl/RequestHandler.pm line
> > > 108.
> > >
> > > (the z is there so I know where at in my code the line in the log file is
> > > being generated.  I like z's and a's more than I do
> > > "some/long/path/and/filename line 108")
> > >
> > > I have tried using $cookie as a value in and of itself, I've tried
> > > $cookie->{ttms_user}  (the name of hte cookie is ttms_user), I've tried
> > > changing $cookie to %cookie and doing a $cookie{ttms_user} ..
> > >
> > > I might break down, declare this a bug, and use $ENV{HTTP_COOKIE} instead.
> > >
> > > Any ideas how to fix this to return to me the cookie itself?  Thanks.
> > >
> > > Dennis
> > >
> > > - Original Message - 
> > > From: "Dennis Stout" <[EMAIL PROTECTED]>
&g

Re: cookies

2003-07-16 Thread Dennis Stout
w00t!

ttms_user: mp2Ti5p1JkhCObm9LKBFGsiAltop8aAWwl6vLLDr/3rtb09MRzZrEg==

Here,

your $cookie = Apache::Cookie->new($state->{r},
-name   => 'Mark',
-value  => 'AWESOME!!!',
-expires=> time + 86400*30*7,
-domain => '.dyndns.org',
-path   => '/',
);

(okay, I made up "your", it sounds better than "my", and sinec this is fake
nayways... heh)

oop, looking at that, I should set the domain to something more sane again,
like stout.dyndns.org.  :P

Dennis

P.S. Does anyone else try to use Outlook Express like vi and get odd error
messages after a days worth of coding?

- Original Message - 
From: "Mark Maunder" <[EMAIL PROTECTED]>
To: "Dennis Stout" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Wednesday, July 16, 2003 20 33
Subject: Re: cookies


> >From perldoc CGI::Cookie
> # fetch existing cookies
> %cookies = fetch CGI::Cookie;
> $id = $cookies{'ID'}->value;
> #You're doing $cookies->value;
>
> ID == the name that you used when you set the cookie.
>
> On Wed, 2003-07-16 at 21:27, Dennis Stout wrote:
> > *pounds head against brick wall*  why must it work against me???
> >
> > A cookie for anyone who solves this.
> >
> > sub handler {
> > my $r = shift;
> > my $result = undef;
> >
> > eval { $result = inner_handler($r) };
> > return $result unless $@;
> >
> > warn "Uncaught Exception: $@";
> >
> > return SERVER_ERROR;
> > }
> >
> > sub inner_handler {
> > my $r = shift;
> >
> > my %q = ($r->args, $r->content);
> > my %state = (r => $r, q => \%q);
> >
> > $state{title} = '';
> > $state{template} = '';
> > $state{auth_status} = password_boxes(\%state);
> >
> > #   warn "%ENV: \n";
> > #   foreach (keys %ENV) {
> > #   warn "$_ => $ENV{$_}\n";
> > #   }
> > #   my %headers = $r->headers_in;
> > #   warn "Headers: \n";
> > #   foreach (keys %headers) {
> > #   warn "$_: $headers{$_}\n";
> > #   }
> > my $cookie = Apache::Cookie->fetch;
> > warn "z - $cookie->value";
> > validate_auth_cookie(\%state, $cookie);
> >
> > my $function = $r->uri;
> > if (($state{login_user} eq '') and ($function ne '/login.cgi')) {
> > $function = '/login.html';
> > }
> > my $func = $Dispatch{$function} || $Dispatch{DEFAULT};
> >
> > return DECLINED unless $func;
> > return $func->(\%state);
> > }
> >
> > Upon accessing a page (therefore generating lots of warning info in
logs...) I
> > get this in my error log.
> >
> > z - HASH(0x916ea08)->value at /home/httpd/ttms/perl/RequestHandler.pm line
> > 108.
> >
> > (the z is there so I know where at in my code the line in the log file is
> > being generated.  I like z's and a's more than I do
> > "some/long/path/and/filename line 108")
> >
> > I have tried using $cookie as a value in and of itself, I've tried
> > $cookie->{ttms_user}  (the name of hte cookie is ttms_user), I've tried
> > changing $cookie to %cookie and doing a $cookie{ttms_user} ..
> >
> > I might break down, declare this a bug, and use $ENV{HTTP_COOKIE} instead.
> >
> > Any ideas how to fix this to return to me the cookie itself?  Thanks.
> >
> > Dennis
> >
> > - Original Message - 
> > From: "Dennis Stout" <[EMAIL PROTECTED]>
> > To: "Dennis Stout" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
> > Sent: Wednesday, July 16, 2003 20 13
> > Subject: Re: cookies
> >
> >
> > > Well I'll be damned.
> > >
> > > My computer at home does the cookie thing perfectly well.  My
workstation at
> > > work does not do cookies.  So my mod_perl creation is working fine as
far as
> > > getting the cookies.
> > >
> > > 
> > > YAY FOR WIN2K DOMAINS AND ADMIN WHO USE HELP DESK TECHS TO PROGRAM
TICKETING
> > > SYSTEMS FOR DSL, DIGITAL TV, AND DOMAINS!
> > > 
> > >
> > > I still have a problem tho.  The cookie string itself i

Re: cookies

2003-07-16 Thread Mark Maunder
>From perldoc CGI::Cookie
# fetch existing cookies
%cookies = fetch CGI::Cookie;
$id = $cookies{'ID'}->value;
#You're doing $cookies->value;

ID == the name that you used when you set the cookie.

On Wed, 2003-07-16 at 21:27, Dennis Stout wrote:
> *pounds head against brick wall*  why must it work against me???
> 
> A cookie for anyone who solves this.
> 
> sub handler {
> my $r = shift;
> my $result = undef;
> 
> eval { $result = inner_handler($r) };
> return $result unless $@;
> 
> warn "Uncaught Exception: $@";
> 
> return SERVER_ERROR;
> }
> 
> sub inner_handler {
> my $r = shift;
> 
> my %q = ($r->args, $r->content);
> my %state = (r => $r, q => \%q);
> 
> $state{title} = '';
> $state{template} = '';
> $state{auth_status} = password_boxes(\%state);
> 
> #   warn "%ENV: \n";
> #   foreach (keys %ENV) {
> #   warn "$_ => $ENV{$_}\n";
> #   }
> #   my %headers = $r->headers_in;
> #   warn "Headers: \n";
> #   foreach (keys %headers) {
> #   warn "$_: $headers{$_}\n";
> #   }
> my $cookie = Apache::Cookie->fetch;
> warn "z - $cookie->value";
> validate_auth_cookie(\%state, $cookie);
> 
> my $function = $r->uri;
> if (($state{login_user} eq '') and ($function ne '/login.cgi')) {
> $function = '/login.html';
> }
> my $func = $Dispatch{$function} || $Dispatch{DEFAULT};
> 
> return DECLINED unless $func;
> return $func->(\%state);
> }
> 
> Upon accessing a page (therefore generating lots of warning info in logs...) I
> get this in my error log.
> 
> z - HASH(0x916ea08)->value at /home/httpd/ttms/perl/RequestHandler.pm line
> 108.
> 
> (the z is there so I know where at in my code the line in the log file is
> being generated.  I like z's and a's more than I do
> "some/long/path/and/filename line 108")
> 
> I have tried using $cookie as a value in and of itself, I've tried
> $cookie->{ttms_user}  (the name of hte cookie is ttms_user), I've tried
> changing $cookie to %cookie and doing a $cookie{ttms_user} ..
> 
> I might break down, declare this a bug, and use $ENV{HTTP_COOKIE} instead.
> 
> Any ideas how to fix this to return to me the cookie itself?  Thanks.
> 
> Dennis
> 
> - Original Message - 
> From: "Dennis Stout" <[EMAIL PROTECTED]>
> To: "Dennis Stout" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
> Sent: Wednesday, July 16, 2003 20 13
> Subject: Re: cookies
> 
> 
> > Well I'll be damned.
> >
> > My computer at home does the cookie thing perfectly well.  My workstation at
> > work does not do cookies.  So my mod_perl creation is working fine as far as
> > getting the cookies.
> >
> > 
> > YAY FOR WIN2K DOMAINS AND ADMIN WHO USE HELP DESK TECHS TO PROGRAM TICKETING
> > SYSTEMS FOR DSL, DIGITAL TV, AND DOMAINS!
> > 
> >
> > I still have a problem tho.  The cookie string itself is not being passed
> > along.  Instead, I am getting Apache::Cookie=SCALAR(0x9115c24).
> >
> > I imagine somewhere I need to do something like ->as_string or something.
> > blah
> >
> > Thanks for helping, sorry I didn't spot that the error was infact, in the
> > dumbterminal called a win2k box I was using, and not in any actual code
> >
> > Dennis Stout
> >
> > - Original Message - 
> > From: "Dennis Stout" <[EMAIL PROTECTED]>
> > To: <[EMAIL PROTECTED]>
> > Sent: Wednesday, July 16, 2003 13 13
> > Subject: cookies
> >
> >
> > > Okay, so technically this isn't really "mod_perl" speific...  but the
> cookie
> > > is being set with mod_perl and it's a huge mod_perl program being affected
> > by
> > > this:)
> > >
> > > I have a cookie, the domain is set to .stout.dyndns.org (with the leading
> > .).
> > >
> > > I set the cookie just fine now (thanks to those helping me on thatr)
> > >
> > > I had a problem parsing the cookie.  Added some debugging (okay, warn
> lines
> > up
> > > the yingyang) and after cycling through the headers and warning them out
> to
> > > the errorlog...  I never saw any cookie info.
> > >
> > > So... If the website is ttms.stout.dyndns.org shouldn't the cookie domain
> be
> > > .stout.dyndns.org?
> > >
> > > *sigh*  6 more days to finish this database.  I doubt I'll make it.
> > >
> > > Dennis
> > >
> >
-- 
Mark Maunder <[EMAIL PROTECTED]>
ZipTree Inc.



Re: cookies

2003-07-16 Thread Dennis Stout
*pounds head against brick wall*  why must it work against me???

A cookie for anyone who solves this.

sub handler {
my $r = shift;
my $result = undef;

eval { $result = inner_handler($r) };
return $result unless $@;

warn "Uncaught Exception: $@";

return SERVER_ERROR;
}

sub inner_handler {
my $r = shift;

my %q = ($r->args, $r->content);
my %state = (r => $r, q => \%q);

$state{title} = '';
$state{template} = '';
$state{auth_status} = password_boxes(\%state);

#   warn "%ENV: \n";
#   foreach (keys %ENV) {
#   warn "$_ => $ENV{$_}\n";
#   }
#   my %headers = $r->headers_in;
#   warn "Headers: \n";
#   foreach (keys %headers) {
#   warn "$_: $headers{$_}\n";
#   }
my $cookie = Apache::Cookie->fetch;
warn "z - $cookie->value";
validate_auth_cookie(\%state, $cookie);

my $function = $r->uri;
if (($state{login_user} eq '') and ($function ne '/login.cgi')) {
$function = '/login.html';
}
my $func = $Dispatch{$function} || $Dispatch{DEFAULT};

return DECLINED unless $func;
return $func->(\%state);
}

Upon accessing a page (therefore generating lots of warning info in logs...) I
get this in my error log.

z - HASH(0x916ea08)->value at /home/httpd/ttms/perl/RequestHandler.pm line
108.

(the z is there so I know where at in my code the line in the log file is
being generated.  I like z's and a's more than I do
"some/long/path/and/filename line 108")

I have tried using $cookie as a value in and of itself, I've tried
$cookie->{ttms_user}  (the name of hte cookie is ttms_user), I've tried
changing $cookie to %cookie and doing a $cookie{ttms_user} ..

I might break down, declare this a bug, and use $ENV{HTTP_COOKIE} instead.

Any ideas how to fix this to return to me the cookie itself?  Thanks.

Dennis

- Original Message - 
From: "Dennis Stout" <[EMAIL PROTECTED]>
To: "Dennis Stout" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Wednesday, July 16, 2003 20 13
Subject: Re: cookies


> Well I'll be damned.
>
> My computer at home does the cookie thing perfectly well.  My workstation at
> work does not do cookies.  So my mod_perl creation is working fine as far as
> getting the cookies.
>
> 
> YAY FOR WIN2K DOMAINS AND ADMIN WHO USE HELP DESK TECHS TO PROGRAM TICKETING
> SYSTEMS FOR DSL, DIGITAL TV, AND DOMAINS!
> 
>
> I still have a problem tho.  The cookie string itself is not being passed
> along.  Instead, I am getting Apache::Cookie=SCALAR(0x9115c24).
>
> I imagine somewhere I need to do something like ->as_string or something.
> blah
>
> Thanks for helping, sorry I didn't spot that the error was infact, in the
> dumbterminal called a win2k box I was using, and not in any actual code
>
> Dennis Stout
>
> - Original Message - 
> From: "Dennis Stout" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Wednesday, July 16, 2003 13 13
> Subject: cookies
>
>
> > Okay, so technically this isn't really "mod_perl" speific...  but the
cookie
> > is being set with mod_perl and it's a huge mod_perl program being affected
> by
> > this:)
> >
> > I have a cookie, the domain is set to .stout.dyndns.org (with the leading
> .).
> >
> > I set the cookie just fine now (thanks to those helping me on thatr)
> >
> > I had a problem parsing the cookie.  Added some debugging (okay, warn
lines
> up
> > the yingyang) and after cycling through the headers and warning them out
to
> > the errorlog...  I never saw any cookie info.
> >
> > So... If the website is ttms.stout.dyndns.org shouldn't the cookie domain
be
> > .stout.dyndns.org?
> >
> > *sigh*  6 more days to finish this database.  I doubt I'll make it.
> >
> > Dennis
> >
>



Re: cookies

2003-07-16 Thread Dennis Stout
Well I'll be damned.

My computer at home does the cookie thing perfectly well.  My workstation at
work does not do cookies.  So my mod_perl creation is working fine as far as
getting the cookies.


YAY FOR WIN2K DOMAINS AND ADMIN WHO USE HELP DESK TECHS TO PROGRAM TICKETING
SYSTEMS FOR DSL, DIGITAL TV, AND DOMAINS!


I still have a problem tho.  The cookie string itself is not being passed
along.  Instead, I am getting Apache::Cookie=SCALAR(0x9115c24).

I imagine somewhere I need to do something like ->as_string or something.
blah

Thanks for helping, sorry I didn't spot that the error was infact, in the
dumbterminal called a win2k box I was using, and not in any actual code

Dennis Stout

- Original Message - 
From: "Dennis Stout" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, July 16, 2003 13 13
Subject: cookies


> Okay, so technically this isn't really "mod_perl" speific...  but the cookie
> is being set with mod_perl and it's a huge mod_perl program being affected
by
> this:)
>
> I have a cookie, the domain is set to .stout.dyndns.org (with the leading
.).
>
> I set the cookie just fine now (thanks to those helping me on thatr)
>
> I had a problem parsing the cookie.  Added some debugging (okay, warn lines
up
> the yingyang) and after cycling through the headers and warning them out to
> the errorlog...  I never saw any cookie info.
>
> So... If the website is ttms.stout.dyndns.org shouldn't the cookie domain be
> .stout.dyndns.org?
>
> *sigh*  6 more days to finish this database.  I doubt I'll make it.
>
> Dennis
>



Re: cookies

2003-07-16 Thread Dennis Stout
> > One possibility: Check the -path option. It's supposed to set it to '/'
> > by default if you dont specify it, but it doesn't. I discovered this
> > about 20 minutes ago with a similar bug. So manually specify something
> > like:
> > my $cookie = Apache::Cookie->new($r,
> > -name => 'cookiename',
> > -value => 'someval',
> > -expires => '+7d',
> > -domain => '.dontvisitus.org',
> > -path => '/',
> > );

what I have is this:

sub set_auth_cookie {
my $state = shift;

my $val = build_auth_string($state);
my $c = Apache::Cookie->new($state->{r},
-name   => 'ttms_user',
-value  => $val,
-expires=> time + 86400*30*7,
-domain => $Cookie_Domain,
-path   => '/',
);
$state->{cookie_out} = $c;
}

This is called by various other routines, and $state is a hash = {r => $r, q =
\%q }, where q is a hash = {$r->args, $r->content}.

build_auth_string is another subroutine that makes a 446bit encryption string
thats encoded with mime::base64...

I got a path.  Does that get sent to all webpages ever, or just ones underh te
/ directory?  In otherwords, does hte cookie get sent when accessing
/login.html and not when accessing /admin/view_techs.html?

All the pages on this domain are generated dynamically with a custom built
dispatch table and some awesome subroutinage.  Does that matter?  Maybe I
should read the complete netscape cookie specification :/

I know the cookie is set because it tells me when it expires and when it was
last accessed and what not on the box I browse to it with. (win2k... blah)

And the program itself is running in a Linux environment :)

Time for more warnage in the routines...

If anyone wants sourcecode to look at, email me.  It's much to big to just
post to the list.

Dennis



Re: cookies

2003-07-16 Thread Mark Maunder
Forgot to include the list.

-Forwarded Message-
> From: Mark Maunder <[EMAIL PROTECTED]>
> To: Dennis Stout <[EMAIL PROTECTED]>
> Subject: Re: cookies
> Date: 16 Jul 2003 14:19:27 -0700
> 
> Hi Dennis,
> 
> One possibility: Check the -path option. It's supposed to set it to '/'
> by default if you dont specify it, but it doesn't. I discovered this
> about 20 minutes ago with a similar bug. So manually specify something
> like:
> my $cookie = Apache::Cookie->new($r,
> -name => 'cookiename',
> -value => 'someval',
> -expires => '+7d',
> -domain => '.dontvisitus.org',
> -path => '/',
> );
> 
> CGI::Cookie works the same in case that's what you're using. If you have
> Mozilla, go to Preferences/Privacy/Cookies, run cookie manager and check
> the path that's being set. That's how I discovered this. 
> 
> Hope that helps.
> 
> Mark.
> 
> On Wed, 2003-07-16 at 14:13, Dennis Stout wrote:
> > Okay, so technically this isn't really "mod_perl" speific...  but the cookie
> > is being set with mod_perl and it's a huge mod_perl program being affected by
> > this:)
> > 
> > I have a cookie, the domain is set to .stout.dyndns.org (with the leading .).
> > 
> > I set the cookie just fine now (thanks to those helping me on thatr)
> > 
> > I had a problem parsing the cookie.  Added some debugging (okay, warn lines up
> > the yingyang) and after cycling through the headers and warning them out to
> > the errorlog...  I never saw any cookie info.
> > 
> > So... If the website is ttms.stout.dyndns.org shouldn't the cookie domain be
> > .stout.dyndns.org?
> > 
> > *sigh*  6 more days to finish this database.  I doubt I'll make it.
> > 
> > Dennis
> -- 
> Mark Maunder <[EMAIL PROTECTED]>
> ZipTree Inc.
-- 
Mark Maunder <[EMAIL PROTECTED]>
ZipTree Inc.



cookies

2003-07-16 Thread Dennis Stout
Okay, so technically this isn't really "mod_perl" speific...  but the cookie
is being set with mod_perl and it's a huge mod_perl program being affected by
this:)

I have a cookie, the domain is set to .stout.dyndns.org (with the leading .).

I set the cookie just fine now (thanks to those helping me on thatr)

I had a problem parsing the cookie.  Added some debugging (okay, warn lines up
the yingyang) and after cycling through the headers and warning them out to
the errorlog...  I never saw any cookie info.

So... If the website is ttms.stout.dyndns.org shouldn't the cookie domain be
.stout.dyndns.org?

*sigh*  6 more days to finish this database.  I doubt I'll make it.

Dennis



RE: mod_perl 2.0 and cookies

2003-07-11 Thread Randy Kobes
On Fri, 11 Jul 2003, Ross Matt-QMR000 wrote:

> I would really like to be removed from this list but the
> un-scribe does not work for me. the problem is the mail address
> that I used way back when has been aliases to different
> address.

Try sending a message to [EMAIL PROTECTED]
for some suggestions.

-- 
best regards,
randy kobes


Re: mod_perl 2.0 and cookies

2003-07-11 Thread Randy Kobes
On Fri, 11 Jul 2003, Jamie Krasnoo wrote:

> So I've decided to dive headlong into 2.0. So far I like it but
> find the documentation lacking and there seems to be a lot
> missing. I tried Apache::Cookie with it, no dice. It gave an
> error to the effect that it didn't know what "bootstrap" was (I
> think that was it). Apache::Cookie made inserting cookies in
> mod_perl 1.0 so easy which in turn made life easier for
> programming. However I have scoured the documentation on how to
> insert a cookie into the header and the only thing I could come
> up with is that you use a filter to do it. Somehow I don't
> think that this is right and I am completely off. Could someone
> enlighten me as to how cookies work in MP2? If I can get past
> this I can figure out the rest on my own and maybe write a
> little documentation if I can understand it enough to do so.

It wasn't clear to me - are you using the development version of
httpd-apreq-2? The CPAN version of libapreq are for mod_perl 1 -
you'll need httpd-apreq-2 (available via cvs) for Apache 2.

If you are using Apache::Cookie of httpd-apreq-2, at this point,
probably the simplest way to see examples of the basic usage is
to go through the tests, under glue/perl/t/. Documentation
patches would be welcome - it would be easiest to subscribe to
the [EMAIL PROTECTED] mailing list and submit them
there.

-- 
best regards,
randy kobes


Re: mod_perl 2.0 and cookies

2003-07-11 Thread Dennis Stout
> So I've decided to dive headlong into 2.0. So far I like it but find the
> documentation lacking and there seems to be a lot missing. I tried
> Apache::Cookie with it, no dice. It gave an error to the effect that it
> didn't know what "bootstrap" was (I think that was it). Apache::Cookie
> made inserting cookies in mod_perl 1.0 so easy which in turn made life
> easier for programming. However I have scoured the documentation on how
> to insert a cookie into the header and the only thing I could come up
> with is that you use a filter to do it. Somehow I don't think that this
> is right and I am completely off. Could someone enlighten me as to how
> cookies work in MP2? If I can get past this I can figure out the rest on
> my own and maybe write a little documentation if I can understand it
> enough to do so.


>From what I've figured out through experiementing, tho I'd find out a lot more
by reading source and I'd be a bit more accurate in this... But I think
mod_perl 2 is just simply lacking all together.  I think the docs are lacking
info because the program is lacking hte feature!

Course, this only means I havern't figured out how to use the features, if
they are there.  But, to me, mod_perl x+1 should be backwards compatible with
mod_perl x, if it isn't, then it's broken.  (in my opinion..)

Dennis



mod_perl 2.0 and cookies

2003-07-11 Thread Jamie Krasnoo








So I’ve decided to dive headlong into 2.0. So far I like
it but find the documentation lacking and there seems to be a lot missing. I
tried Apache::Cookie with it, no dice. It gave an
error to the effect that it didn’t know what “bootstrap” was
(I think that was it). Apache::Cookie made inserting
cookies in mod_perl 1.0 so easy which in turn made
life easier for programming. However I have scoured the documentation on how to
insert a cookie into the header and the only thing I could come up with is that
you use a filter to do it. Somehow I don’t think that this is right and I
am completely off. Could someone enlighten me as to how cookies work in MP2? If
I can get past this I can figure out the rest on my own and maybe write a
little documentation if I can understand it enough to do so.

 

Thank you,

 

Jamie








RE: Convert Cookies-->HTTP Request Headers?

2003-04-06 Thread Kruse, Matt
Title: RE: Convert Cookies-->HTTP Request Headers?





>From: Brian Reichert
>Ok, I'm confused: the cookies are already in the request header,
>and you want to 'convert' them into a request header?


Well, yes. Two reasons:
1) In the real production environment, the cookie is encrypted and validated against a database with each request. My app knows nothing about the cookie. All it ever sees is the request headers.

2) I wanted to use a cookie simply because it's the easiest way to dynamically control the contents of the headers to be sent, and the easiest way I could think of that would work with a "login" page.

I assumed people would think it was an odd request, but it does make sense :)


>From: Juha-Mikko Ahonen
>Why name NAME to HTTP_NAME? Or do you want the cookie content to appear
>in subprocess environment (which has similar naming convention), like
>other server variables?


Actually, this was an oversight, I'm used to CGI!!


>>   2. Writing some sample code :)
>package Your::SSOHandler;


Thank you! This is exactly the kind of example I needed. Will test ASAP, and adjust to fit my specific needs. I'm quite familiar with Perl, it's mainly the API's that I'm clueless about. Your code makes sense and at least points me in exactly the right direction.

>For testing you could make the handler module stat and evaluate contents
>of an external Perl file. Put your code on the file to be evaluated,
>and avoid restarts.


True, that would work also, but it would still require modifying a file each time. 
With this cookie solution, I can create a fake "login" page which will set the appropriate cookies in _javascript_ and also allow for simulating "logout" by clearing the cookie.

Matt





Re: Convert Cookies-->HTTP Request Headers?

2003-04-05 Thread Michael Robinton
>On Fri, Apr 04, 2003 at 04:10:03PM -0500, Kruse, Matt wrote:
>> I have a unique need purely for testing purposes. I'm not very familiar
>> (yet) with mod_perl handlers in Apache, so I've had a rough time
>>getting
>> anything going.
>> Here is my goal:
>>
>> For every request to Apache:
>>   1. Parse the cookie coming in via the request header
>>   2. Pull out each value (ex: NAME=bob;TITLE=boss)
>>   3. Convert them to HTTP Request Headers
>>
>Ok, I'm confused: the cookies are already in the request header,
>and you want to 'convert' them into a request header?
>
>   4. Pass the request on to the requested resource (a script of some
>sort)
>
>> So, if I have a cookie like: NAME=bob;TITLE=boss
>> My program would then see the following headers in the request:
>>   HTTP_NAME=bob
>>   HTTP_TITLE=boss

>If you're using an Apache handler, see Apache::Cookie for unpeeling
>cookies.

>If you're running a classic CGI program, see CGI::Cookie for unpeeling
>cookies.

>> This will help me simulate a Single-Sign-On situation where the
>> authentication handler passes all authenticated user information to the
>> resource via headers.
>
>When you say 'HTTP request headers', did you really mean to say 'CGI
>parameters', as the CGI module uses the term?
>
>> Thanks!
>>
>> Matt Kruse

Also see:   Apache::FakeCookie on CPAN

for testing cookies without having to load httpd. It replaces the httpd
server for generating cookie responses during development and testing of
Apache-perl modules

Michael



Re: Convert Cookies-->HTTP Request Headers?

2003-04-05 Thread Juha-Mikko Ahonen
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On Saturday 05 April 2003 00:10, Kruse, Matt wrote:
> For every request to Apache:
>   1. Parse the cookie coming in via the request header
>   2. Pull out each value (ex: NAME=bob;TITLE=boss)
>   3. Convert them to HTTP Request Headers
>   4. Pass the request on to the requested resource (a script of some
> sort)

You'd need to write PerlHeaderParserHandler for that.

> So, if I have a cookie like: NAME=bob;TITLE=boss
> My program would then see the following headers in the request:
>   HTTP_NAME=bob
>   HTTP_TITLE=boss

Why name NAME to HTTP_NAME? Or do you want the cookie content to appear 
in subprocess environment (which has similar naming convention), like 
other server variables?

> This will help me simulate a Single-Sign-On situation where the
> authentication handler passes all authenticated user information to
> the resource via headers.
>
> Can anyone help me by either:
>   1. Giving an outline of what handlers I would want to use, and how
> I can write request headers with them
> or

The header parse phase would be ideal, since you're parsing headers. 
PerlInitHandler is an alias PerlHeaderParserHandler in .htaccess files.

>   2. Writing some sample code :)

package Your::SSOHandler;

use strict;
use Apache::Constants qw(:common);
use Apache::Cookie;

sub handler {
my $r = shift;
my $in = $r->headers_in;
return DECLINED unless $in->{'Cookie'};
my $cookies = Apache::Cookie->parse($in->{'Cookie'});
return DECLINED unless $cookies{'YourAuthenticationCookie'};

my %values = $cookies{'YourAuthenticationCookie'}->value;
my $env = $r->subprocess_env;

while (my ($key, $value) = each %values) {
my $h_key = 'HTTP_' . uc($key);
$in->{$h_key} = $value;
$env->{$h_key} = $value;
}

return OK;
}

1;

in httpd.conf (or .htaccess), put the following line where approppriate:

PerlModule Your::SSOHandler
PerlHeaderParserHandler Your::SSOHandler

Or something like that. Cutting and pasting may cause parse errors on 
incompatible windowing environments :)

> NOTES:
>   1. I'm running Apache 2.0 and mod_perl 2 right now, but I can bump
> it down if required

I don't know much about the differences in mod_perl 1 vs 2. These 
handlers work at least for Apache/mod_perl 1.

>   2. I've already used mod_headers to simulate this, but
> unfortunately that isn't dynamic enough for testing, ie, I need to
> change httpd.conf and re-start the server to test different header
> scenarios.

For testing you could make the handler module stat and evaluate contents 
of an external Perl file. Put your code on the file to be evaluated, 
and avoid restarts.

Or simply sending SIGUSR1 to the Apache parent process should be enough 
for it to restart child processes and reread configuration.
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE+jp7eWD8Ca88cV68RAuBAAJ9u0KWd2bAsHrYes/DXtareCYi00gCgkIEC
o8OTRNmghIHRUhJZAqX+gbs=
=YCIq
-END PGP SIGNATURE-



Re: Convert Cookies-->HTTP Request Headers?

2003-04-04 Thread Brian Reichert
On Fri, Apr 04, 2003 at 04:10:03PM -0500, Kruse, Matt wrote:
> I have a unique need purely for testing purposes. I'm not very familiar
> (yet) with mod_perl handlers in Apache, so I've had a rough time getting
> anything going.
> Here is my goal:
> 
> For every request to Apache:
>   1. Parse the cookie coming in via the request header
>   2. Pull out each value (ex: NAME=bob;TITLE=boss)
>   3. Convert them to HTTP Request Headers

Ok, I'm confused: the cookies are already in the request header,
and you want to 'convert' them into a request header?

>   4. Pass the request on to the requested resource (a script of some sort)
> 
> So, if I have a cookie like: NAME=bob;TITLE=boss
> My program would then see the following headers in the request:
>   HTTP_NAME=bob
>   HTTP_TITLE=boss

If you're using an Apache handler, see Apache::Cookie for unpeeling
cookies.

If you're running a classic CGI program, see CGI::Cookie for unpeeling
cookies.

> This will help me simulate a Single-Sign-On situation where the
> authentication handler passes all authenticated user information to the
> resource via headers.

When you say 'HTTP request headers', did you really mean to say 'CGI
parameters', as the CGI module uses the term?

> Thanks!
> 
> Matt Kruse

-- 
Brian 'you Bastard' Reichert<[EMAIL PROTECTED]>
37 Crystal Ave. #303Daytime number: (603) 434-6842
Derry NH 03038-1713 USA BSD admin/developer at large


Convert Cookies-->HTTP Request Headers?

2003-04-04 Thread Kruse, Matt
Title: Convert Cookies-->HTTP Request Headers?





I have a unique need purely for testing purposes. I'm not very familiar (yet) with mod_perl handlers in Apache, so I've had a rough time getting anything going.

Here is my goal:


For every request to Apache:
  1. Parse the cookie coming in via the request header
  2. Pull out each value (ex: NAME=bob;TITLE=boss)
  3. Convert them to HTTP Request Headers
  4. Pass the request on to the requested resource (a script of some sort)


So, if I have a cookie like: NAME=bob;TITLE=boss
My program would then see the following headers in the request:
  HTTP_NAME=bob
  HTTP_TITLE=boss


This will help me simulate a Single-Sign-On situation where the authentication handler passes all authenticated user information to the resource via headers.

Can anyone help me by either:
  1. Giving an outline of what handlers I would want to use, and how I can write request headers with them
or
  2. Writing some sample code :)


NOTES:
  1. I'm running Apache 2.0 and mod_perl 2 right now, but I can bump it down if required
  2. I've already used mod_headers to simulate this, but unfortunately that isn't dynamic enough for testing, ie, I need to change httpd.conf and re-start the server to test different header scenarios.

Thanks!


Matt Kruse





RE: mod_perl not sending cookies

2003-03-13 Thread Tom Murphy

Andrew,

Ya need to remember to CC the group as well.

Copied from an oldish Netscape spec:

--

domain=DOMAIN_NAME 
When searching the cookie list for valid cookies, a comparison of the domain
attributes of the cookie is made with the Internet domain name of the host
from which the URL will be fetched. If there is a tail match, then the
cookie will go through path matching to see if it should be sent. "Tail
matching" means that domain attribute is matched against the tail of the
fully qualified domain name of the host. A domain attribute of "acme.com"
would match host names "anvil.acme.com" as well as
"shipping.crate.acme.com". 
Only hosts within the specified domain can set a cookie for a domain and
domains must have at least two (2) or three (3) periods in them to prevent
domains of the form: ".com", ".edu", and "va.us". Any domain that fails
within one of the seven special top level domains listed below only require
two periods. Any other domain requires at least three. The seven special top
level domains are: "COM", "EDU", "NET", "ORG", "GOV", "MIL", and "INT". 

The default value of domain is the host name of the server which generated
the cookie response. 


path=PATH 
The path attribute is used to specify the subset of URLs in a domain for
which the cookie is valid. If a cookie has already passed domain matching,
then the pathname component of the URL is compared with the path attribute,
and if there is a match, the cookie is considered valid and is sent along
with the URL request. The path "/foo" would match "/foobar" and
"/foo/bar.html". The path "/" is the most general path. 
If the path is not specified, it as assumed to be the same path as the
document being described by the header which contains the cookie. 



> -Original Message-
> From: Andrew Fritz [mailto:[EMAIL PROTECTED]
> Sent: Thursday, March 13, 2003 7:07 PM
> To: Tom Murphy
> Subject: Re: mod_perl not sending cookies
> 
> 
> Bingo! That did it. I removed the path and domain and it works.
> 
> No, the dumb questions: any idea what they should be set to 
> to make it 
> work. I'm testing with my hosts file modified to point to a local 
> virtual host (jza70) instead of going to a real DNS accessable domain 
> name (jza70.com). Is that the issue or am I missunderstanding 
> what the 
> domain field is specifying. I thought it specified the "owner" of the 
> cookie. I'm not sure about the path field.
> 
> Andrew
> 
> Tom Murphy wrote:
> 
> >Usually when I have this problem the path and/or domain is 
> incorrect.  Try
> >it without either.
> >
> >Tom
> >
> >  
> >
> >>-Original Message-
> >>From: Andrew Fritz [mailto:[EMAIL PROTECTED]
> >>Sent: Thursday, March 13, 2003 12:25 PM
> >>To: [EMAIL PROTECTED]
> >>Subject: mod_perl not sending cookies
> >>
> >>
> >>I'm using Apache:AuthCookie. I have set up a basic test site. 
> >>It appears 
> >>that AuthCookie never send the cookie even though the call to:
> >>$r->err_headers_out->add("Set-Cookie" => $cookie);
> >>is there. If I modify the call to include a simple cookie:
> >>$r->err_headers_out->add("Set-Cookie" => 'a=b');
> >>it works.
> >>
> >>The value of $cookie is:
> >>jza70AuthHandler_JZA70=\"Thisisatest\"; expires=Tue, 11 Mar 2003 
> >>06:33:50 GMT; path=/thisisatest; domain=jza70
> >>
> >>The expires field is from a log of a few days ago, but was 
> >>valid (about 
> >>24 hours in the future) when it was sent.
> >>
> >>Any thoughts are apreciated.
> >>
> >>Andrew Fritz
> >>
> >>
> >>
> >>
> >
> >  
> >
> 
> 


RE: mod_perl not sending cookies

2003-03-13 Thread Tom Murphy

Usually when I have this problem the path and/or domain is incorrect.  Try
it without either.

Tom

> -Original Message-
> From: Andrew Fritz [mailto:[EMAIL PROTECTED]
> Sent: Thursday, March 13, 2003 12:25 PM
> To: [EMAIL PROTECTED]
> Subject: mod_perl not sending cookies
> 
> 
> I'm using Apache:AuthCookie. I have set up a basic test site. 
> It appears 
> that AuthCookie never send the cookie even though the call to:
> $r->err_headers_out->add("Set-Cookie" => $cookie);
> is there. If I modify the call to include a simple cookie:
> $r->err_headers_out->add("Set-Cookie" => 'a=b');
> it works.
> 
> The value of $cookie is:
> jza70AuthHandler_JZA70=\"Thisisatest\"; expires=Tue, 11 Mar 2003 
> 06:33:50 GMT; path=/thisisatest; domain=jza70
> 
> The expires field is from a log of a few days ago, but was 
> valid (about 
> 24 hours in the future) when it was sent.
> 
> Any thoughts are apreciated.
> 
> Andrew Fritz
> 
> 


Re: mod_perl not sending cookies

2003-03-13 Thread Richard Clarke
Are you using Apache::Cookie?

If so,

 #same as $cookie->bake
 $r->err_headers_out->add("Set-Cookie" => $cookie->as_string);

Are you doing this?

Richard.


- Original Message - 
From: "Andrew Fritz" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Thursday, March 13, 2003 8:24 PM
Subject: mod_perl not sending cookies


> I'm using Apache:AuthCookie. I have set up a basic test site. It appears 
> that AuthCookie never send the cookie even though the call to:
> $r->err_headers_out->add("Set-Cookie" => $cookie);
> is there. If I modify the call to include a simple cookie:
> $r->err_headers_out->add("Set-Cookie" => 'a=b');
> it works.
> 
> The value of $cookie is:
> jza70AuthHandler_JZA70=\"Thisisatest\"; expires=Tue, 11 Mar 2003 
> 06:33:50 GMT; path=/thisisatest; domain=jza70
> 
> The expires field is from a log of a few days ago, but was valid (about 
> 24 hours in the future) when it was sent.
> 
> Any thoughts are apreciated.
> 
> Andrew Fritz
> 
> 
> 
> 


mod_perl not sending cookies

2003-03-13 Thread Andrew Fritz
I'm using Apache:AuthCookie. I have set up a basic test site. It appears 
that AuthCookie never send the cookie even though the call to:
   $r->err_headers_out->add("Set-Cookie" => $cookie);
is there. If I modify the call to include a simple cookie:
   $r->err_headers_out->add("Set-Cookie" => 'a=b');
it works.

The value of $cookie is:
jza70AuthHandler_JZA70=\"Thisisatest\"; expires=Tue, 11 Mar 2003 
06:33:50 GMT; path=/thisisatest; domain=jza70

The expires field is from a log of a few days ago, but was valid (about 
24 hours in the future) when it was sent.

Any thoughts are apreciated.

Andrew Fritz



Re: reading cookies from mod_perl HTTP request handlers

2003-01-15 Thread Vishal Verma
On Wed, 2003-01-15 at 14:24, Geoffrey Young wrote:

> if you want to force %ENV to be setup earlier, try calling
> 
> $r->subprocess_env;
> 
> in a void context before checking %ENV - it used to segfault for me, but the 
> docs says it should work.
> 

This worked for me! Thanks a million!

-vish




Re: reading cookies from mod_perl HTTP request handlers

2003-01-15 Thread Geoffrey Young



But, I'm not able to see that cookie when I print $ENV{'HTTP_COOKIE'}
within in header_parse_handler. 

%ENV is setup during the fixup phase, so it hasn't been populated yet.


mod_perl docs say that that you can
examine request headers in the PerlHeaderParserHandler.


yes, using something like $r->headers_in.  you're actually better off using 
Apache::Cookie, which is in the libapreq distribution on cpan.

if you want to force %ENV to be setup earlier, try calling

$r->subprocess_env;

in a void context before checking %ENV - it used to segfault for me, but the 
docs says it should work.

HTH

--Geoff



reading cookies from mod_perl HTTP request handlers

2003-01-15 Thread Vishal Verma
Hi,

I'm unable to access/read cookies from incoming HTTP requests using
mod_perl HTTP request handlers.Here's what my relevant apache config
section looks like


PerlHeaderParserHandler MyModule::header_parse_handler



My browser already has a cookie named 'foo' with value 'bar' with path &
expire times set appropriately. Here's what my browser GET request looks
like


GET /cgi-bin/login HTTP/1.1
Host: xx
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.2.1)
Gecko/20021130
Accept:
text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,video/x-mng,image/png,image/jpeg,image/gif;q=0.2,text/css,*/*;q=0.1
Accept-Language: en-us, en;q=0.50
Accept-Encoding: gzip, deflate, compress;q=0.9
Accept-Charset: ISO-8859-1, utf-8;q=0.66, *;q=0.66
Keep-Alive: 300
Connection: keep-alive
Cookie: foo=bar

The last line confirms that the browser is sending the cookie.

But, I'm not able to see that cookie when I print $ENV{'HTTP_COOKIE'}
within in header_parse_handler. mod_perl docs say that that you can
examine request headers in the PerlHeaderParserHandler. Am I missing
something? Am I using a wrong handler? Please help.

thanks
-vish




RE: [mp2]Cookies?

2002-12-05 Thread Beau E. Cox
Hi Stas -

OK! Will do.

Aloha => Beau.

-Original Message-
From: Stas Bekman [mailto:[EMAIL PROTECTED]]
Sent: Thursday, December 05, 2002 4:07 PM
To: Beau E. Cox
Cc: Randy Kobes; Modperl
Subject: Re: [mp2]Cookies?


Beau E. Cox wrote:
> Hi Randy -
> 
> Sorry, I should have been more explicit. I am
> trying to use Apache::Cookie.

AFAIK, Apache::Cookie won't work under mp2, because Apache::Request 
wasn't ported yet. Trying using CGI::Cookie for now, as it has the same 
API and implemented in pure perl.

Notice that this is not an issue of Apache::compat, because 
Apache::Cookie is implemented in XS.

> What's with the Apache/test.pm (small 't')? I added use Apache2;
> (to add apache2 stuff to the @INC) - same results with or
> without it. Searched for Apache/_small t _est.pm - not found.

That's an older testing package coming from mp1. It won't work with mp2.


__
Stas BekmanJAm_pH --> Just Another mod_perl Hacker
http://stason.org/ mod_perl Guide ---> http://perl.apache.org
mailto:[EMAIL PROTECTED] http://use.perl.org http://apacheweek.com
http://modperlbook.org http://apache.org   http://ticketmaster.com






Re: [mp2]Cookies?

2002-12-05 Thread Stas Bekman
Beau E. Cox wrote:

Hi Randy -

Sorry, I should have been more explicit. I am
trying to use Apache::Cookie.


AFAIK, Apache::Cookie won't work under mp2, because Apache::Request 
wasn't ported yet. Trying using CGI::Cookie for now, as it has the same 
API and implemented in pure perl.

Notice that this is not an issue of Apache::compat, because 
Apache::Cookie is implemented in XS.

What's with the Apache/test.pm (small 't')? I added use Apache2;
(to add apache2 stuff to the @INC) - same results with or
without it. Searched for Apache/_small t _est.pm - not found.


That's an older testing package coming from mp1. It won't work with mp2.


__
Stas BekmanJAm_pH --> Just Another mod_perl Hacker
http://stason.org/ mod_perl Guide ---> http://perl.apache.org
mailto:[EMAIL PROTECTED] http://use.perl.org http://apacheweek.com
http://modperlbook.org http://apache.org   http://ticketmaster.com




RE: [mp2]Cookies?

2002-12-05 Thread Beau E. Cox
Hi Randy -

Sorry, I should have been more explicit. I am
trying to use Apache::Cookie. My Apache2 startup
script looks something like:

...
use Apache2 ();
use lib qw(/srv/www/perl);
use Apache::compat ();
use ModPerl::Util (); #for CORE::GLOBAL::exit
use Apache::RequestRec ();
use Apache::RequestIO ();
use Apache::RequestUtil ();
use Apache::Server ();
use Apache::ServerUtil ();
use Apache::Connection ();
use Apache::Log ();
use Apache::Session ();
use Apache::Cookie ();
...

Starting Apache2 with this script results in:

[Thu Dec 05 15:01:03 2002] [error] Can't locate object method "boot" via
package "mod_perl" at
/usr/lib/perl5/site_perl/5.8.0/i586-linux-thread-multi/Apache/Cookie.pm line
10.
Compilation failed in require at /srv/www/conf/startup.pl line 27.
BEGIN failed--compilation aborted at /srv/www/conf/startup.pl line 27.
Compilation failed in require at (eval 1) line 1.

Well, I say, what about that libapreq module I've heard about?
OK, so I get libapreq-1.1_rc1 (I figure, why not the latest?) untar
it, and:

perl Makefile.PL -apxs /mypathtoapache2apxs

and got:

Can't locate Apache/test.pm in @INC (@INC contains:
/usr/lib/perl5/site_perl/5.8.0/i586-linux-thread-multi/Apache2
/usr/lib/perl5/5.8.0/i586-linux-thread-multi /usr/lib/perl5/5.8.0
/usr/lib/perl5/site_perl/5.8.0/i586-linux-thread-multi
/usr/lib/perl5/site_perl/5.8.0 /usr/lib/perl5/site_perl .) at Makefile.PL
line 6.
BEGIN failed--compilation aborted at Makefile.PL line 6.

What's with the Apache/test.pm (small 't')? I added use Apache2;
(to add apache2 stuff to the @INC) - same results with or
without it. Searched for Apache/_small t _est.pm - not found.

I have the newbie blues

Aloha => Beau.

-Original Message-
From: Randy Kobes [mailto:[EMAIL PROTECTED]]
Sent: Thursday, December 05, 2002 2:40 PM
To: Beau E. Cox
Cc: Modperl
Subject: Re: [mp2]Cookies?


On Thu, 5 Dec 2002, Beau E. Cox wrote:

> Hi -
>
> I can't get cookies to work on AP/MP 2. Even in
> compat mode. I'm not sure if this is a mod_perl,
> apache, or a my stupidity question, but I'm posting it here
> anyway.

Are you trying a module, or a home-grown solution?

--
best regards,
randy kobes






Re: [mp2]Cookies?

2002-12-05 Thread Randy Kobes
On Thu, 5 Dec 2002, Beau E. Cox wrote:

> Hi -
> 
> I can't get cookies to work on AP/MP 2. Even in
> compat mode. I'm not sure if this is a mod_perl,
> apache, or a my stupidity question, but I'm posting it here
> anyway.

Are you trying a module, or a home-grown solution?

-- 
best regards,
randy kobes




[mp2]Cookies?

2002-12-05 Thread Beau E. Cox
Hi -

I can't get cookies to work on AP/MP 2. Even in
compat mode. I'm not sure if this is a mod_perl,
apache, or a my stupidity question, but I'm posting it here
anyway.

I've searched the archives, CPAN, etc. and can't seem
to find the issue addressed. If I'm asking an already
answered question, sorry.

Aloha => Beau.

PS: Is it time for a separate mp2 list? It sure would help
in searching the archives if you are specifically looking
for an mp2 issue.




Re: cookies and IE

2002-10-03 Thread Jean-Michel Hiver

> Wouldn't be the first time I've been wrong.  I do know that I was 
> seeing inconsistent behavior with cookies not being saved in a 
> redirect page (mostly IE PC, but not 100% of the time), but I didn't 
> spend any time worrying about it because of the previous messages I 
> remembered.  A quick check of my mailbox shows a discussion back in 
> March where someone suggested using Refresh instead of Redirect to 
> get around the problem.  I recall previous discussions, but I don't 
> have any on file.

Actually, I had the same problem with certain versions of IE not setting
cookies when they are used with redirects... I ended up making it so
that the redirect was unnecessary.

After a while I switched to HTTP authentication - In many ways it's even
simpler :-)

Cheers,
-- 
IT'S TIME FOR A DIFFERENT KIND OF WEB

  Jean-Michel Hiver - Software Director
  [EMAIL PROTECTED]
  +44 (0)114 255 8097

  VISIT HTTP://WWW.MKDOC.COM



Re: cookies and IE

2002-10-02 Thread Kee Hinckley

At 9:29 AM +0200 10/2/02, Sven Geisler wrote:
>Hi Alan,
>Hi Kee,
>
>I would say Kee is wrong.
>In our application, the development of which I am involved in, for a
>special case we need to write a cookie and redirect to another page.

Wouldn't be the first time I've been wrong.  I do know that I was 
seeing inconsistent behavior with cookies not being saved in a 
redirect page (mostly IE PC, but not 100% of the time), but I didn't 
spend any time worrying about it because of the previous messages I 
remembered.  A quick check of my mailbox shows a discussion back in 
March where someone suggested using Refresh instead of Redirect to 
get around the problem.  I recall previous discussions, but I don't 
have any on file.

The typical case here is that the user goes to page a, you redirect 
them to page b for authentication, they submit their password and the 
password page then sets a cookie and sends them back to a.

It may be that the problem was a coding one rather than a browser 
one. I just tore out the code and instead decided to internally 
display page b without doing a a redirect.  So your URL is for a, but 
the content is the login page (b).  On submit page sees a successful 
login, sets the cookie, and displays itself.  EmpberlObject made this 
trivial to do, and it ended up meaning less server roundtrips and 
less code.


-- 

Kee Hinckley - Somewhere.Com, LLC
http://consulting.somewhere.com/

I'm not sure which upsets me more: that people are so unwilling to accept
responsibility for their own actions, or that they are so eager to regulate
everyone else's.



Re: cookies and IE

2002-10-02 Thread Alan

On Wed, Oct 02, 2002 at 08:30:54PM +0200, Per Einar Ellefsen wrote:
> At 20:12 02.10.2002, Alan wrote:
> >On Wed, Oct 02, 2002 at 01:21:49PM -0400, Geoffrey Young wrote:
> >> so, it's not really a bug if you dig down into the docs and examples.
> >>  looks like a feature, though :)
> >
> >Agreed... more of a 'gotcha' though, ready to bite people in the butt.
> >Personally I think it might make more sense to do a check to see if the
> >val =~ /(\d+)(h|m|d|M)/ before it's sent off as a literal, but who
> >knows.  I'll email someone about it anyway.
> 
> It's because you can put a correctly formatted date string in the -expires 
> option, AFAIK. So if using your idea, the "literal" string might be 
> misinterpreted. Also, don't forget that you have +1d and -1d as another 
> possibility. I think the +/- makes sense. It's just one character :)

Oh, totally agreed, I just figured that it might be a good way to set a
default if there was no + or -, which could eliminate headaches for
people like me :)  Also, as there's no chance of a correctly formatted
date string being "\d(h|m|d|etc)", it could be a fair assumption.

My $0.02 anyway! :)

alan

-- 
Alan "Arcterex" <[EMAIL PROTECTED]>   -=][=-   http://arcterex.net
"I used to herd dairy cows. Now I herd lusers. Apart from the isolation, I
think I preferred the cows. They were better conversation, easier to milk, and
if they annoyed me enough, I could shoot them and eat them." -Rodger Donaldson



Re: cookies and IE

2002-10-02 Thread Per Einar Ellefsen

At 20:12 02.10.2002, Alan wrote:
>On Wed, Oct 02, 2002 at 01:21:49PM -0400, Geoffrey Young wrote:
> > so, it's not really a bug if you dig down into the docs and examples.
> >  looks like a feature, though :)
>
>Agreed... more of a 'gotcha' though, ready to bite people in the butt.
>Personally I think it might make more sense to do a check to see if the
>val =~ /(\d+)(h|m|d|M)/ before it's sent off as a literal, but who
>knows.  I'll email someone about it anyway.

It's because you can put a correctly formatted date string in the -expires 
option, AFAIK. So if using your idea, the "literal" string might be 
misinterpreted. Also, don't forget that you have +1d and -1d as another 
possibility. I think the +/- makes sense. It's just one character :)


-- 
Per Einar Ellefsen
[EMAIL PROTECTED]





Re: cookies and IE

2002-10-02 Thread Alan

On Wed, Oct 02, 2002 at 01:21:49PM -0400, Geoffrey Young wrote:
> so, it's not really a bug if you dig down into the docs and examples. 
>  looks like a feature, though :)

Agreed... more of a 'gotcha' though, ready to bite people in the butt.
Personally I think it might make more sense to do a check to see if the
val =~ /(\d+)(h|m|d|M)/ before it's sent off as a literal, but who
knows.  I'll email someone about it anyway.

alan

-- 
Alan "Arcterex" <[EMAIL PROTECTED]>   -=][=-   http://arcterex.net
"I used to herd dairy cows. Now I herd lusers. Apart from the isolation, I
think I preferred the cows. They were better conversation, easier to milk, and
if they annoyed me enough, I could shoot them and eat them." -Rodger Donaldson



Re: cookies and IE

2002-10-02 Thread Geoffrey Young


> But when it's set to "3d" the cookie is set as:
> Set-Cookie=name=value; path=/path; expires=3d 
> 
> Which makes sense, but it's a very subtle thing IMHO, and to me "1d"
> means "expire in one day", the same as "+1d".
> 
> Anything think that this deserves a bug report, or chalk it up to stupid
> user syndrome?

the logic in apache_request.c seems to indicate that you get options 
+time, -time, and 'now'.  any other formats (such as "1d") get the 
literal string in the cookie.  untested, though :)

the Apache::Cookie manpage says it's a CGI::Cookie emulation, where 
CGI::Cookie says to see CGI.pm for acceptable -expires values, which 
doesn't say much except illustrate that + and - and 'now' are 
permissible values.

so, it's not really a bug if you dig down into the docs and examples. 
  looks like a feature, though :)

I can't think of a reason why you'd want a literal in the expires 
field, but I don't use cookies all that much, so maybe there are some 
cases where it's desirable.

maybe $cookie should be undef, or the cookie should default to 
browser-session-only if -expires doesn't follow the standard format?

maybe that's a question for [EMAIL PROTECTED]

--Geoff





Re: cookies and IE

2002-10-02 Thread Alan

On Wed, Oct 02, 2002 at 08:15:23AM -0500, Nicholas Studt wrote:
> > Alan wrote [ 01 October 2002 at 03:09 pm ]
> > 
> > On Tue, Oct 01, 2002 at 11:30:59AM -0700, Alan wrote:
> > 
> > Turns out the issue was the 'expires' tag... IE wouldn't set the cookie
> > until it was set to '+1d'
> 
> If setting the expires tag to +1d fixed the problem you may want to look
> at the time on the machine running IE. I ran into a problem where the
> clients clock was in the wrong timezone, this of course changed the
> distance from GMT and caused the cookie to be expired as it was sent. IE
> did not accept the cookie at all. However once the time was set
> correctly the cookie worked correctly.

Nope... one of the versions of IE that I was running was on the same
machine (running through crossover office).  

Looks like my little problem really had nothing to do with refreshing
and setting cookies, but it was actually in the way that parsing works in 
Apache::Cookie (and CGI/CGI::Cookie).  When the expires is set to "+3d" 
the cookie is set as follows:

Set-Cookie=name=value; path=/path; expires=Sat, 05-Oct-2002 15:10:06 GMT 

But when it's set to "3d" the cookie is set as:
Set-Cookie=name=value; path=/path; expires=3d 

Which makes sense, but it's a very subtle thing IMHO, and to me "1d"
means "expire in one day", the same as "+1d".

Anything think that this deserves a bug report, or chalk it up to stupid
user syndrome?

Alan

-- 
Alan "Arcterex" <[EMAIL PROTECTED]>   -=][=-   http://arcterex.net
"I used to herd dairy cows. Now I herd lusers. Apart from the isolation, I
think I preferred the cows. They were better conversation, easier to milk, and
if they annoyed me enough, I could shoot them and eat them." -Rodger Donaldson



Re: cookies and IE

2002-10-02 Thread Nicholas Studt

> Alan wrote [ 01 October 2002 at 03:09 pm ]
> 
> On Tue, Oct 01, 2002 at 11:30:59AM -0700, Alan wrote:
> 
> Turns out the issue was the 'expires' tag... IE wouldn't set the cookie
> until it was set to '+1d'

If setting the expires tag to +1d fixed the problem you may want to look
at the time on the machine running IE. I ran into a problem where the
clients clock was in the wrong timezone, this of course changed the
distance from GMT and caused the cookie to be expired as it was sent. IE
did not accept the cookie at all. However once the time was set
correctly the cookie worked correctly.

-- 
  nicholas l studt
  [EMAIL PROTECTED]



Re: cookies and IE

2002-10-02 Thread Per Einar Ellefsen

At 09:02 02.10.2002, Alan wrote:
>On Tue, Oct 01, 2002 at 07:23:39PM -0400, Kee Hinckley wrote:
> > At 11:30 AM -0700 10/1/02, Alan wrote:
> > >Hi folks... I'm having a bit of a weird problem with Apache::Cookie and
> > >IE.
> > >
> > >I'm setting a cookie and then doing a redirect as follows:
> >
> > This must come up once every few months.  I'd complain about that
> > fact, but the irony is that just last week I couldn't figure out why
> > a new site I was working on wasn't setting cookies in IE and....  I'd
> > done the same thing I'd read about a dozen times.
> >
> > IE doesn't reliably set cookies on a refresh.  I believe the only
> > solution is to rearchitect the site.
>
>Interesting... on the several browsers/OSs I had it tested on it seemed
>to work.
>
>Anyway, if this is such a common question, who do you talk to to get it
>stuck in the perl.apache.org page about cookies? :)

Send some paragraphs detailing this to me (preferably in POD), and it'll be 
added to the site.


-- 
Per Einar Ellefsen
[EMAIL PROTECTED]





Re: cookies and IE

2002-10-02 Thread Sven Geisler

Hi Alan,
Hi Kee,

I would say Kee is wrong.
In our application, the development of which I am involved in, for a 
special case we need to write a cookie and redirect to another page. 
So we use Apache::Cookie to write the cookie and http redirect. Cookie is 
always set.  I changed the http redirect to html meta 
refresh and it still worked, as I thought it would!

Regards
Sven.

On Wed, 2 Oct 2002, Alan wrote:

> On Tue, Oct 01, 2002 at 07:23:39PM -0400, Kee Hinckley wrote:
> > At 11:30 AM -0700 10/1/02, Alan wrote:
> > >Hi folks... I'm having a bit of a weird problem with Apache::Cookie and
> > >IE.
> > >
> > >I'm setting a cookie and then doing a redirect as follows:
> > 
> > This must come up once every few months.  I'd complain about that 
> > fact, but the irony is that just last week I couldn't figure out why 
> > a new site I was working on wasn't setting cookies in IE and  I'd 
> > done the same thing I'd read about a dozen times.
> > 
> > IE doesn't reliably set cookies on a refresh.  I believe the only 
> > solution is to rearchitect the site.
> 
> Interesting... on the several browsers/OSs I had it tested on it seemed
> to work.  
> 
> Anyway, if this is such a common question, who do you talk to to get it
> stuck in the perl.apache.org page about cookies? :)
> 
> alan
> 
> 

-- 
Sven Geislere-mail:  [EMAIL PROTECTED]
Senior Developertel:(+49 30) 53 62 16 27




Re: cookies and IE

2002-10-01 Thread Sven Geisler

Hi Alan,

I guess your mistake is to send the refresh header as http header.
You should use a meta tag in html or redirect in http.

Sven.


On Tue, 1 Oct 2002, Alan wrote:

> Hi folks... I'm having a bit of a weird problem with Apache::Cookie and
> IE.
> 
> I'm setting a cookie and then doing a redirect as follows:
> 
> my $c = Apache::Cookie->new( $r,
> -name => 'userdata',
> -value => $cookie,
> -expires => '1d',
> -path => '/dealers'
> );
> 
> $r->content_type('text/html');
> $c->bake;
> $r->header_out("Refresh"=>"0;url=/dealers$request_uri");
> $r->no_cache(1);
> $r->send_http_header;
> $r->print( print_refresh_page_content() );
> 
> (print_refresh_page_content() just returns a string of "authenticated")
> 
> After the authenticated message is printed it should refresh back to the
> /dealers/ URL, except this time the handler will see there is a cookie
> and print out the real data, not a username/pass prompt.
> 
> This works *perfectly* in mozilla linux, galeon, mozilla windows, and
> ie6 under windows XP.  It *doesn't* work on ie 6 under win98, winME, or
> ie 5.5 run through crossover office.  It displays the authenticated
> page, but then refreshes back to the login page.  No cookie is set, but
> debug when setting the cookie shows the following:
> 
> Set-Cookie=userdata=[data]; path=/dealers; expires=1d at 
>/home/alan/code/rubberoven/mod_perl/Rubberoven/Dealer.pm line 139.
> Refresh=0;url=/dealers/ at /home/alan/code/rubberoven/mod_perl/Rubberoven/Dealer.pm 
>line 139.
> Pragma=no-cache at /home/alan/code/rubberoven/mod_perl/Rubberoven/Dealer.pm line 139.
> Cache-control=no-cache at /home/alan/code/rubberoven/mod_perl/Rubberoven/Dealer.pm 
>line 139.
> Connection=close at /home/alan/code/rubberoven/mod_perl/Rubberoven/Dealer.pm line 
>139.
> Content-Type=text/html at /home/alan/code/rubberoven/mod_perl/Rubberoven/Dealer.pm 
>line 139.
> Expires=Tue, 01 Oct 2002 18:30:31 GMT at 
>/home/alan/code/rubberoven/mod_perl/Rubberoven/Dealer.pm line 139.
> 
> This is the same that is printed out when a working browser gets cookies
> set.
> 
> I've played around with the security settings, and even at the lowest
> setting, with IE set to prompt for any cookies, it won't even
> acknowledge that I'm trying to set a cookie.
> 
> Anyone have any ideas/solutions/thoughts?
> 
> 
> 

-- 
Sven Geislere-mail:  [EMAIL PROTECTED]
Senior Developertel:(+49 30) 53 62 16 27




Re: cookies and IE

2002-10-01 Thread Alan

On Tue, Oct 01, 2002 at 07:23:39PM -0400, Kee Hinckley wrote:
> At 11:30 AM -0700 10/1/02, Alan wrote:
> >Hi folks... I'm having a bit of a weird problem with Apache::Cookie and
> >IE.
> >
> >I'm setting a cookie and then doing a redirect as follows:
> 
> This must come up once every few months.  I'd complain about that 
> fact, but the irony is that just last week I couldn't figure out why 
> a new site I was working on wasn't setting cookies in IE and  I'd 
> done the same thing I'd read about a dozen times.
> 
> IE doesn't reliably set cookies on a refresh.  I believe the only 
> solution is to rearchitect the site.

Interesting... on the several browsers/OSs I had it tested on it seemed
to work.  

Anyway, if this is such a common question, who do you talk to to get it
stuck in the perl.apache.org page about cookies? :)

alan

-- 
Alan "Arcterex" <[EMAIL PROTECTED]>   -=][=-   http://arcterex.net
"I used to herd dairy cows. Now I herd lusers. Apart from the isolation, I
think I preferred the cows. They were better conversation, easier to milk, and
if they annoyed me enough, I could shoot them and eat them." -Rodger Donaldson



Re: cookies and IE

2002-10-01 Thread Kee Hinckley

At 11:30 AM -0700 10/1/02, Alan wrote:
>Hi folks... I'm having a bit of a weird problem with Apache::Cookie and
>IE.
>
>I'm setting a cookie and then doing a redirect as follows:

This must come up once every few months.  I'd complain about that 
fact, but the irony is that just last week I couldn't figure out why 
a new site I was working on wasn't setting cookies in IE and  I'd 
done the same thing I'd read about a dozen times.

IE doesn't reliably set cookies on a refresh.  I believe the only 
solution is to rearchitect the site.
-- 

Kee Hinckley - Somewhere.Com, LLC
http://consulting.somewhere.com/

I'm not sure which upsets me more: that people are so unwilling to accept
responsibility for their own actions, or that they are so eager to regulate
everyone else's.



Re: cookies and IE

2002-10-01 Thread Alan

On Tue, Oct 01, 2002 at 11:30:59AM -0700, Alan wrote:
> Hi folks... I'm having a bit of a weird problem with Apache::Cookie and
> IE.
> 
> I'm setting a cookie and then doing a redirect as follows:
> 
> my $c = Apache::Cookie->new( $r,
> -name => 'userdata',
> -value => $cookie,
> -expires => '1d',
> -path => '/dealers'
> );
> 
> $r->content_type('text/html');
> $c->bake;
> $r->header_out("Refresh"=>"0;url=/dealers$request_uri");
> $r->no_cache(1);
> $r->send_http_header;
> $r->print( print_refresh_page_content() );

Turns out the issue was the 'expires' tag... IE wouldn't set the cookie
until it was set to '+1d'

alan

-- 
Alan "Arcterex" <[EMAIL PROTECTED]>   -=][=-   http://arcterex.net
"I used to herd dairy cows. Now I herd lusers. Apart from the isolation, I
think I preferred the cows. They were better conversation, easier to milk, and
if they annoyed me enough, I could shoot them and eat them." -Rodger Donaldson



cookies and IE

2002-10-01 Thread Alan

Hi folks... I'm having a bit of a weird problem with Apache::Cookie and
IE.

I'm setting a cookie and then doing a redirect as follows:

my $c = Apache::Cookie->new( $r,
-name => 'userdata',
-value => $cookie,
-expires => '1d',
-path => '/dealers'
);

$r->content_type('text/html');
$c->bake;
$r->header_out("Refresh"=>"0;url=/dealers$request_uri");
$r->no_cache(1);
$r->send_http_header;
$r->print( print_refresh_page_content() );

(print_refresh_page_content() just returns a string of "authenticated")

After the authenticated message is printed it should refresh back to the
/dealers/ URL, except this time the handler will see there is a cookie
and print out the real data, not a username/pass prompt.

This works *perfectly* in mozilla linux, galeon, mozilla windows, and
ie6 under windows XP.  It *doesn't* work on ie 6 under win98, winME, or
ie 5.5 run through crossover office.  It displays the authenticated
page, but then refreshes back to the login page.  No cookie is set, but
debug when setting the cookie shows the following:

Set-Cookie=userdata=[data]; path=/dealers; expires=1d at 
/home/alan/code/rubberoven/mod_perl/Rubberoven/Dealer.pm line 139.
Refresh=0;url=/dealers/ at /home/alan/code/rubberoven/mod_perl/Rubberoven/Dealer.pm 
line 139.
Pragma=no-cache at /home/alan/code/rubberoven/mod_perl/Rubberoven/Dealer.pm line 139.
Cache-control=no-cache at /home/alan/code/rubberoven/mod_perl/Rubberoven/Dealer.pm 
line 139.
Connection=close at /home/alan/code/rubberoven/mod_perl/Rubberoven/Dealer.pm line 139.
Content-Type=text/html at /home/alan/code/rubberoven/mod_perl/Rubberoven/Dealer.pm 
line 139.
Expires=Tue, 01 Oct 2002 18:30:31 GMT at 
/home/alan/code/rubberoven/mod_perl/Rubberoven/Dealer.pm line 139.

This is the same that is printed out when a working browser gets cookies
set.

I've played around with the security settings, and even at the lowest
setting, with IE set to prompt for any cookies, it won't even
acknowledge that I'm trying to set a cookie.

Anyone have any ideas/solutions/thoughts?


-- 
Alan "Arcterex" <[EMAIL PROTECTED]>   -=][=-   http://arcterex.net
"I used to herd dairy cows. Now I herd lusers. Apart from the isolation, I
think I preferred the cows. They were better conversation, easier to milk, and
if they annoyed me enough, I could shoot them and eat them." -Rodger Donaldson



Apache::Cookies - problems with cookies

2002-07-28 Thread Ross Becker

Hi there folks,
  I'm just getting back into some mod_perl after a fairly lengthy absence,
and I'm running into some troubles with cookies.

Basic summary- I'm trying to set a session ID in a cookie, and it works only
if I do not include an expiration time.

Details:

-snip
 %r_cookies = Apache::Cookies->fetch();
  if ( $r_cookies{'session'} ) {
Apache::warn('cookie found.');
$r_sessid = $r_cookies{'session'}->value();
$r_cookies{'session'}->bake();
  } else {
my $sessid = create_new_session();
Apache::warn('cookie created.');
$cookie = Apache::Cookie->new($r,
 -name=>  'session',
 -value   =>  $sessid,
 -expires =>  '+7d',
 -domain  =>  '.mydomain.com',
 -path=>  '/cgi'
 );
$cookie->bake();
  }
-snip

Ok, that's the example code. Here's what I'm experiencing.
With the code as you see it, every time I hit a page, I get a message in the
log saying that I created a cookie, even though netscape tells me that I'm
modifying an existing cookie on reloads. Netscape sees the cookie, but my
code isn't finding it in the fetched cookies.

If I make one modification to this code- remove the "-expires => '+7d',"
from the cookie creation, remove all cookies from netscape and go look at my
site, everything works perfectly, except that the cookie only lasts until
the browser gets closed. I'd like to have a bit more persistence than that.

Anyone care to explain how I'm being an idiot? I'm sure I'm missing
something here, just not certain what. 

Additionally, anyone got good solutions for looking at the headers being
sent to your browser along with a page, besides using a sniffer? I would
find it useful to check what's being sent to my browser from other web sites
and compare it to what I'm generating to see what I can learn.

Thanks
  --Ross Becker





Re: Weird problem with cookies on Netscape with apache running a virtualhost

2002-07-12 Thread Chris Pizzo

Doh!
Thanks that's it!


- Original Message -
From: "___cliff rayman___" <[EMAIL PROTECTED]>
To: "Chris Pizzo" <[EMAIL PROTECTED]>
Cc: "Charles" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Friday, July 12, 2002 5:10 PM
Subject: Re: Weird problem with cookies on Netscape with apache running a
virtualhost


> Chris Pizzo wrote:
>
> >
> > $r->headers_out->set('Set-Cookie',$cc);
> > $r->headers_out->set('Set-Cookie',$c);
>
> should this second one be?
> $r->headers_out->add('Set-Cookie',$c);
>
> i didn't get a chance to try it, but it should be easy to try.
>
> >
> >
> >  $r->cgi_header_out('Location',"mypage.html");
> >  $r->send_http_header;
> >
> > This only sets one of the cookies ($c).  How do I set multiple cookies?
>
> --
> ___cliff [EMAIL PROTECTED]http://www.genwax.com/
>
>
>




Re: Weird problem with cookies on Netscape with apache running a virtualhost

2002-07-12 Thread darren chamberlain

* Chris Pizzo <[EMAIL PROTECTED]> [2002-07-12 17:02]:
> This works but I need to set multiple cookies.  Im doing this:
> 
> my $c = new CGI::Cookie(-name => 'SID', -value => 'stuff', -expires
> => '+6M');
> my $cc = new CGI::Cookie(-name => 'BUD', -value =>
> 'Wassup', -expires => '+6M');
> 
> $r->headers_out->set('Set-Cookie',$cc);
> $r->headers_out->set('Set-Cookie',$c);
> 
>  $r->cgi_header_out('Location',"mypage.html");
>  $r->send_http_header;

$r->headers_out->add('Set-Cookie', $c);
$r->headers_out->add('Set-Cookie', $cc);

Or better yet, use Apache::Cookie, which has a bake() method that can be
used multiple times.

(darren)

-- 
Biographical history, as taught in our public schools, is still largely a
history of boneheads:  ridiculous kings and queens, paranoid political
leaders, compulsive voyagers, ignorant generals -- the flotsam and jetsam
of historical currents.  The men who radically altered history, the great
scientists and mathematicians, are seldom mentioned, if at all.
-- Martin Gardner



Re: Weird problem with cookies on Netscape with apache running a virtualhost

2002-07-12 Thread ___cliff rayman___

Chris Pizzo wrote:

>
> $r->headers_out->set('Set-Cookie',$cc);
> $r->headers_out->set('Set-Cookie',$c);

should this second one be?
$r->headers_out->add('Set-Cookie',$c);

i didn't get a chance to try it, but it should be easy to try.

>
>
>  $r->cgi_header_out('Location',"mypage.html");
>      $r->send_http_header;
>
> This only sets one of the cookies ($c).  How do I set multiple cookies?

--
___cliff [EMAIL PROTECTED]http://www.genwax.com/





Re: Weird problem with cookies on Netscape with apache running a virtualhost

2002-07-12 Thread Chris Pizzo


- Original Message -
From: "Charles" <[EMAIL PROTECTED]>
To: "Chris Pizzo" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Friday, July 12, 2002 1:51 PM
Subject: RE: Weird problem with cookies on Netscape with apache running a
virtualhost


> Chris,
>
> It is a bit difficult to determine your problem but here are a few
> suggestions:
>
> 1) Revert to $r->headers_out->set('Set-Cookie',
> cookie(-name=>'cookie_name', -value=>'value_here'));  If this works, check
> for a difference in the module you are using.

This works but I need to set multiple cookies.  Im doing this:

my $c = new CGI::Cookie(-name => 'SID', -value => 'stuff', -expires
=> '+6M');
my $cc = new CGI::Cookie(-name => 'BUD', -value =>
'Wassup', -expires => '+6M');

$r->headers_out->set('Set-Cookie',$cc);
    $r->headers_out->set('Set-Cookie',$c);

 $r->cgi_header_out('Location',"mypage.html");
 $r->send_http_header;

This only sets one of the cookies ($c).  How do I set multiple cookies?

CGI::Cookie says to concatenate using a ";" but that errors out.

Sorry, bit of a novice here.
-Chris




RE: Weird problem with cookies on Netscape with apache running a virtualhost

2002-07-12 Thread Charles

Chris,

It is a bit difficult to determine your problem but here are a few
suggestions:

1) Revert to $r->headers_out->set('Set-Cookie',
cookie(-name=>'cookie_name', -value=>'value_here'));  If this works, check
for a difference in the module you are using.

2) You may have inconstant privacy settings on your browser which can cause
your browser to reject cookies from untrusted sites.  Check with
http://www.w3.org/TR/P3P/ to learn about setting up your site's privacy
settings.

Charles

-Original Message-
From: Chris Pizzo [mailto:[EMAIL PROTECTED]]
Sent: Friday, July 12, 2002 11:29 AM
To: [EMAIL PROTECTED]
Subject: Weird problem with cookies on Netscape with apache running a
virtualhost


This might be a little off topic.
I recently installed apache 1.3.26 with modperl 1.26.  I run a virtual host
seconady website.  When I try to retieve or write cookies to a netscape
browser from the virtualhost URL it doesn't work.

cookies work fine on the main server.

cookies work fine on both main and virtualhost using an IE browser.

This all worked fine on both before I upgraded apache and modperl.

I use Apache::Vookie to set and retrieve cookies.

Anybody have an Idea to point me in the right direction to solve this?

Thanks,
Chris






Re: Weird problem with cookies on Netscape with apache running avirtualhost

2002-07-12 Thread Ged Haywood

Hi there,

On Fri, 12 Jul 2002, Chris Pizzo wrote:

> This might be a little off topic.

Not if it's the result of a mod_perl upgrade. :)

> I recently installed apache 1.3.26 with modperl 1.26. [snip]
> try to retieve or write cookies to a netscape
> browser from the virtualhost URL it doesn't work.

I think I saw something like this mentioned not long ago on this List.
You might want to try checking the archives.  But if I were doing it
I'd probably dump the HTTP headers to a file and crawl through them.
(I'd probably learn a lot:).

73,
Ged.




Weird problem with cookies on Netscape with apache running a virtualhost

2002-07-12 Thread Chris Pizzo

This might be a little off topic.
I recently installed apache 1.3.26 with modperl 1.26.  I run a virtual host
seconady website.  When I try to retieve or write cookies to a netscape
browser from the virtualhost URL it doesn't work.

cookies work fine on the main server.

cookies work fine on both main and virtualhost using an IE browser.

This all worked fine on both before I upgraded apache and modperl.

I use Apache::Vookie to set and retrieve cookies.

Anybody have an Idea to point me in the right direction to solve this?

Thanks,
Chris




Re: Setting Cookies

2002-06-13 Thread ___cliff rayman___

ok - here is something ugly - off the top of my head.
when a user submits without a cookie, or a cookie that
u do not recognize:
1) Set-Cookie for the proper domain (i.e. .rhythym.com)
2) redirect them to the requested page, but with a fully qualified host/domain
(i.e. http://www.rhythym.com/someLocation/)

Rasoul Hajikhani wrote:

> Hello folks,
> Yesterday I posted a question about PerlTransHandler and received a lot
> of responses. Thanks to all of you who replied. However, my problem
> persists. I try to be more precise in explaining the problem today.
> My login module sets a few cookies that expire 24 hrs after they are
> set. Upon each request the validity of the cookies is checked, and in
> case of an expired cookie, the user is redirected to the login page to
> resubmit username/password again. A request with a fully qualified URL,
> example: http://myserver.mydomain.com/someLocation, has no problem
> continuing. The cookies are set. However, in case the URL has the
> ".domain.com" stripped, the login page is regenerated indefinitely. The
> cookies never get set.
> There were a few suggestions, such as using mod_rewrite, however that is
> out of the question because mod_rewrite was not built with our http
> server. My PerlTransHandler does not seem to be able to distinguish
> myserver.domain.com/someLocation request with myserver/someLocation.
> I appreciate any suggestions on this.
> -r

--
___cliff [EMAIL PROTECTED]http://www.genwax.com/





Setting Cookies

2002-06-13 Thread Rasoul Hajikhani

Hello folks,
Yesterday I posted a question about PerlTransHandler and received a lot
of responses. Thanks to all of you who replied. However, my problem
persists. I try to be more precise in explaining the problem today.
My login module sets a few cookies that expire 24 hrs after they are
set. Upon each request the validity of the cookies is checked, and in
case of an expired cookie, the user is redirected to the login page to
resubmit username/password again. A request with a fully qualified URL,
example: http://myserver.mydomain.com/someLocation, has no problem
continuing. The cookies are set. However, in case the URL has the
".domain.com" stripped, the login page is regenerated indefinitely. The
cookies never get set.
There were a few suggestions, such as using mod_rewrite, however that is
out of the question because mod_rewrite was not built with our http
server. My PerlTransHandler does not seem to be able to distinguish
myserver.domain.com/someLocation request with myserver/someLocation. 
I appreciate any suggestions on this.
-r



Re: Porting to mod_perl and cookies are breaking. Why?

2002-06-10 Thread Per Einar Ellefsen

At 23:55 10.06.2002, Mark Korey wrote:

>We found the problem ... this was an odd one (aren't most!?!).
>Turns out that the path (i.e. $cgi->cookie(-path =>'/', ...); )
>was NOT being set. Guess we assumed that CGI.pm would default it to '/'.
>Setting that seemed to do the trick.
>We are using CGI.pm and did not need to "PerlSetupEnv On".

It's the default to have it On, that's why it got me wondering.

>I'm still not sure why this works differently under mod_perl.

Probably not mod_perl's fault at all, you might have been using a different 
path before (or maybe a different vresion of CGI.pm?)

>Semi-related to this, isn't $cgi->cookie just an API which
>uses $ENV{HTTP_COOKIE}?

CGI.pm has mod_perl-related code under the hood. I'm not sure if the same 
applies to CGI::Cookie (which is used for $cgi->cookie).

>What's the big advantage of Apache::Cookie?

It's C, so it's faster. It uses the Apache API. You won't have to do things 
like print $cgi->header(-cookie => ...), you just do $cookie->bake; But 
basically, you don't need it yet.

>I'd like to keep my code as flexible & compatible as possible
>so it will run under both standard CGI & mod_perl, at least
>while we work the kinks out of our mod_perl configuration.

In that case, just keep your current code. You'll only have the use for the 
likes of Apache::Cookie when you start moving to the Apache Perl API anyway.

>On Mon, 10 Jun 2002, Per Einar Ellefsen wrote:
>
> > At 05:43 10.06.2002, Mark Korey wrote:
> > >ENV{HTTP_COOKIE} does not contain a newly set cookie, often it
> > >still contains an old value when I try to change it (ie switch to a
> > >different user).
> > >Everything else appears to be working fine.
> >
> > If you're saying that $ENV{HTTP_COOKIE} is empty, you should set
> > "PerlSetupEnv On" in your Location section. See
> > http://perl.apache.org/release/docs/1.0/guide/config.html#PerlSetupEnv
> >
> > Could we see your code (an excerpt showing the problem)? You might be doing
> > something wrong when trying to set cookies. Furthermore, you should really
> > be using CGI.pm, CGI::Cookie or Apache::Cookie for your cookie needs.

-- 
Per Einar Ellefsen
[EMAIL PROTECTED]





Re: Porting to mod_perl and cookies are breaking. Why?

2002-06-10 Thread Mark Korey


We found the problem ... this was an odd one (aren't most!?!).
Turns out that the path (i.e. $cgi->cookie(-path =>'/', ...); )
was NOT being set. Guess we assumed that CGI.pm would default it to '/'.
Setting that seemed to do the trick.
We are using CGI.pm and did not need to "PerlSetupEnv On".

I'm still not sure why this works differently under mod_perl.

Semi-related to this, isn't $cgi->cookie just an API which
uses $ENV{HTTP_COOKIE}?

What's the big advantage of Apache::Cookie?

I'd like to keep my code as flexible & compatible as possible
so it will run under both standard CGI & mod_perl, at least
while we work the kinks out of our mod_perl configuration.

Thanks.

- Mark
  www.fantasycup.com


On Mon, 10 Jun 2002, Per Einar Ellefsen wrote:

> At 05:43 10.06.2002, Mark Korey wrote:
> >ENV{HTTP_COOKIE} does not contain a newly set cookie, often it
> >still contains an old value when I try to change it (ie switch to a
> >different user).
> >Everything else appears to be working fine.
>
> If you're saying that $ENV{HTTP_COOKIE} is empty, you should set
> "PerlSetupEnv On" in your Location section. See
> http://perl.apache.org/release/docs/1.0/guide/config.html#PerlSetupEnv
>
> Could we see your code (an excerpt showing the problem)? You might be doing
> something wrong when trying to set cookies. Furthermore, you should really
> be using CGI.pm, CGI::Cookie or Apache::Cookie for your cookie needs.
>
>
> --
> Per Einar Ellefsen
> [EMAIL PROTECTED]




Re: Can't set multiple cookies?

2002-06-10 Thread Ken Miller

Last confirmation: 1.3.25-dev does indeed work fine.

I've got cookies flying everywhere!

Thanks guys!

-klm.

- Original Message -
From: "Ken Miller" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Friday, June 07, 2002 3:45 PM
Subject: RE: Can't set multiple cookies?


> Yup, just confirmed it.  1.3.20 works fine, but .24 is busted.
>
> I'll try the latest CVS version.
>
> Thanks guys!
>
> -klm.
>
> -Original Message-
> From: Balazs Rauznitz [mailto:[EMAIL PROTECTED]]
> Sent: Friday, June 07, 2002 2:48 PM
> To: Dave Rolsky
> Cc: Ken Miller; [EMAIL PROTECTED]
> Subject: Re: Can't set multiple cookies?
>
>
> On Fri, Jun 07, 2002 at 12:32:56PM -0500, Dave Rolsky wrote:
> > On Fri, 7 Jun 2002, Ken Miller wrote:
> >
> > > Ok, so continuing down the path of a single sign-on system, I've
> completed a
> > > rough framework, and it works fine.  However, I thought it might be
nice
> to
> > > segregate the various bits of information into different cookies.
> > > Unfortunately, setting multiple cookies doesn't seem to be working.
> Here
> > > are the outbound headers obtained via $r->as_string:
> > >
> > > Set-Cookie: ACS_UID=miller; path=/
> > > Set-Cookie: ACS_Test=blah; path=/
> > > Set-Cookie: ACS_Ticket=stuff; path=/
> > >
> > > on the next request, here's the Cookie header:
> > >
> > > Cookie: ACS_Ticket=stuff; RC_Creds=miller%2C
> >
> > I suspect you're using a 2-tier Apache setup with Apache 1.3.23 on the
> > frontend, right?
> >
> > This is a bug in mod_proxy with 1.3.23.  I _think_ its fixed in 1.3.24.
> > If you're using 1.3.24 try reverting to 1.3.22 (which I know works) and
> > see if that fixes it.
>
> 1.3.24 is broken in more than one way; I am using the latest CVS version
> without problems.
>
> Balazs
>
>
>
>




Re: Porting to mod_perl and cookies are breaking. Why?

2002-06-09 Thread Per Einar Ellefsen

At 05:43 10.06.2002, Mark Korey wrote:
>ENV{HTTP_COOKIE} does not contain a newly set cookie, often it
>still contains an old value when I try to change it (ie switch to a
>different user).
>Everything else appears to be working fine.

If you're saying that $ENV{HTTP_COOKIE} is empty, you should set 
"PerlSetupEnv On" in your Location section. See 
http://perl.apache.org/release/docs/1.0/guide/config.html#PerlSetupEnv

Could we see your code (an excerpt showing the problem)? You might be doing 
something wrong when trying to set cookies. Furthermore, you should really 
be using CGI.pm, CGI::Cookie or Apache::Cookie for your cookie needs.


-- 
Per Einar Ellefsen
[EMAIL PROTECTED]





Porting to mod_perl and cookies are breaking. Why?

2002-06-09 Thread Mark Korey

Hi,

We're in the process of setting up mod_perl on a site which uses cookies

to perform user authentication. Everything worked fine before mod_perl,
but now the cookie is not set when we check for it.
I've searched the web & "Developer's Cookbook", but can't find any
references
to this type of problem, so I'm turning here!
We have not tried Apache::Cookie yet, I'm hoping that, while it might be

a good solution, it won't be *required*.

Here's what we got:
Embedded Perl version 5.00503 for Apache/1.3.9 (Unix) mod_perl/1.27

and in httpd.conf:
PerlRequire /opt/apache/FSE/share/cgi-bin/start-up.pl
PerlFreshRestart On

Alias /home/ /opt/apache/FSE/share/cgi-bin/

SetHandler perl-script
PerlHandler Apache::Registry
Options +ExecCGI
PerlSendHeader On


*Why* are cookies not readable?
*How* do we get them working??

ENV{HTTP_COOKIE} does not contain a newly set cookie, often it
still contains an old value when I try to change it (ie switch to a
different user).
Everything else appears to be working fine.

Thanks!

---
mlk @ korey.net
www.fantasycup.com
---





RE: Can't set multiple cookies?

2002-06-07 Thread Ken Miller

Yup, just confirmed it.  1.3.20 works fine, but .24 is busted.

I'll try the latest CVS version.

Thanks guys!

-klm.

-Original Message-
From: Balazs Rauznitz [mailto:[EMAIL PROTECTED]]
Sent: Friday, June 07, 2002 2:48 PM
To: Dave Rolsky
Cc: Ken Miller; [EMAIL PROTECTED]
Subject: Re: Can't set multiple cookies?


On Fri, Jun 07, 2002 at 12:32:56PM -0500, Dave Rolsky wrote:
> On Fri, 7 Jun 2002, Ken Miller wrote:
>
> > Ok, so continuing down the path of a single sign-on system, I've
completed a
> > rough framework, and it works fine.  However, I thought it might be nice
to
> > segregate the various bits of information into different cookies.
> > Unfortunately, setting multiple cookies doesn't seem to be working.
Here
> > are the outbound headers obtained via $r->as_string:
> >
> > Set-Cookie: ACS_UID=miller; path=/
> > Set-Cookie: ACS_Test=blah; path=/
> > Set-Cookie: ACS_Ticket=stuff; path=/
> >
> > on the next request, here's the Cookie header:
> >
> > Cookie: ACS_Ticket=stuff; RC_Creds=miller%2C
>
> I suspect you're using a 2-tier Apache setup with Apache 1.3.23 on the
> frontend, right?
>
> This is a bug in mod_proxy with 1.3.23.  I _think_ its fixed in 1.3.24.
> If you're using 1.3.24 try reverting to 1.3.22 (which I know works) and
> see if that fixes it.

1.3.24 is broken in more than one way; I am using the latest CVS version
without problems.

Balazs





Re: Can't set multiple cookies?

2002-06-07 Thread Balazs Rauznitz

On Fri, Jun 07, 2002 at 12:32:56PM -0500, Dave Rolsky wrote:
> On Fri, 7 Jun 2002, Ken Miller wrote:
> 
> > Ok, so continuing down the path of a single sign-on system, I've completed a
> > rough framework, and it works fine.  However, I thought it might be nice to
> > segregate the various bits of information into different cookies.
> > Unfortunately, setting multiple cookies doesn't seem to be working.  Here
> > are the outbound headers obtained via $r->as_string:
> >
> > Set-Cookie: ACS_UID=miller; path=/
> > Set-Cookie: ACS_Test=blah; path=/
> > Set-Cookie: ACS_Ticket=stuff; path=/
> >
> > on the next request, here's the Cookie header:
> >
> > Cookie: ACS_Ticket=stuff; RC_Creds=miller%2C
> 
> I suspect you're using a 2-tier Apache setup with Apache 1.3.23 on the
> frontend, right?
> 
> This is a bug in mod_proxy with 1.3.23.  I _think_ its fixed in 1.3.24.
> If you're using 1.3.24 try reverting to 1.3.22 (which I know works) and
> see if that fixes it.

1.3.24 is broken in more than one way; I am using the latest CVS version without 
problems.

Balazs



Re: Can't set multiple cookies?

2002-06-07 Thread Dave Rolsky

On Fri, 7 Jun 2002, Ken Miller wrote:

> Ok, so continuing down the path of a single sign-on system, I've completed a
> rough framework, and it works fine.  However, I thought it might be nice to
> segregate the various bits of information into different cookies.
> Unfortunately, setting multiple cookies doesn't seem to be working.  Here
> are the outbound headers obtained via $r->as_string:
>
> Set-Cookie: ACS_UID=miller; path=/
> Set-Cookie: ACS_Test=blah; path=/
> Set-Cookie: ACS_Ticket=stuff; path=/
>
> on the next request, here's the Cookie header:
>
> Cookie: ACS_Ticket=stuff; RC_Creds=miller%2C

I suspect you're using a 2-tier Apache setup with Apache 1.3.23 on the
frontend, right?

This is a bug in mod_proxy with 1.3.23.  I _think_ its fixed in 1.3.24.
If you're using 1.3.24 try reverting to 1.3.22 (which I know works) and
see if that fixes it.


-dave

/*==
www.urth.org
we await the New Sun
==*/




Can't set multiple cookies?

2002-06-07 Thread Ken Miller

Ok, so continuing down the path of a single sign-on system, I've completed a
rough framework, and it works fine.  However, I thought it might be nice to
segregate the various bits of information into different cookies.
Unfortunately, setting multiple cookies doesn't seem to be working.  Here
are the outbound headers obtained via $r->as_string:

Set-Cookie: ACS_UID=miller; path=/
Set-Cookie: ACS_Test=blah; path=/
Set-Cookie: ACS_Ticket=stuff; path=/

on the next request, here's the Cookie header:

Cookie: ACS_Ticket=stuff; RC_Creds=miller%2C

The RC_Creds cookie is set in a callback handler.  So, where are the other
two cookies?

I've tried the following incantations:

foreach( [ $cookie_a, $cookie_b, ... ] ) {
$r->err_headers_out->add( 'Set-Cookie', $_ );
}

or

$r->err_header_out( 'Set-Cookie' => $cookie_a );
$r->err_headers_out->add( 'Set-Cookie' => $cookie_b );

or

$r->err_headers_out->add( 'Set-Cookie' => [ $cookie_a, $cookie_b ] );

The outbound headers all look the same, but in each case, only the last
cookie is set.  This happens with both Netscape and IE.

The really annoying thing is that this was working at one point: I would set
multiple cookies in one go, and all the cookies would be sent back to the
server on the next invocation.

I've searched the Guide and online, but I've not found any clues as to why
the multiple cookies are NOT being set.

Brain cramp, or something more serious?

-klm.






Re: login.pl not sending cookies via POST?

2002-05-23 Thread Brian Reichert

On Thu, May 23, 2002 at 11:21:31AM -0400, Fran Fabrizio wrote:
> >
> >
> >(I haven't re-tested Apache::AuthCookieDBI.)
> >
> >I have no idea why POST _doesn't_ work, mind you...
> >
> 
> For what it's worth, my setup with AuthCookieDBI works just fine with POST.

I agree that is _should_; I've written such things before.

My setup is on a Cobalt XTR server, and the vendor's made some
_weird_ decisions...

But, thanks for the feedback...

> 
> -Fran
> 

-- 
Brian 'you Bastard' Reichert<[EMAIL PROTECTED]>
37 Crystal Ave. #303Daytime number: (603) 434-6842
Derry NH 03038-1713 USA Intel architecture: the left-hand path



Re: login.pl not sending cookies via POST?

2002-05-23 Thread Fran Fabrizio

>
>
>(I haven't re-tested Apache::AuthCookieDBI.)
>
>I have no idea why POST _doesn't_ work, mind you...
>

For what it's worth, my setup with AuthCookieDBI works just fine with POST.

-Fran




login.pl not sending cookies via POST?

2002-05-22 Thread Brian Reichert

I have tried two different Apache::AuthCookie subclasses:

  Apache::AuthTicket 0.31
  Apache::AuthCookieDBI 1.18

Apache::AuthCookie comes with an example login.pl, as well as does
Apache::AuthCookieDBI.

The symptom I was seeing: my browser would submit the form generated
by login.pl:

  [Wed May 22 17:05:45 2002] [error] auth_type Apache::AuthTicket
  [Wed May 22 17:05:45 2002] [error] auth_name CredTest
  [Wed May 22 17:05:45 2002] [error] ses_key_cookie 
  [Wed May 22 17:05:45 2002] [error] uri /credentials/private/index.html

I was verifing via tcpdump that my browser was sending the data via POST.

I could now wait forever, until the connection gets reset.  However,
if I got impatient, and terminated the request, I'd then see only
then that the Apache::AuthTicket handler was getting my data:

  [Wed May 22 17:05:49 2002] [error] credential_0 foo
  [Wed May 22 17:05:49 2002] [error] credential_1 bar
  [Wed May 22 17:05:49 2002] [error] ses_key
  
expires:1022102449:hash:68938c9521597c10fe1d165780b032fd:version:1:time:1022101549:user:foo

It turns out both of these example scripts use a 'POST' method; if
I change that to a 'GET' method, Apache::AuthTicket works out-of-the-box.
(I haven't re-tested Apache::AuthCookieDBI.)

I have no idea why POST _doesn't_ work, mind you...

Just an FYI to the public at large...

(Just wasted a day chasing crap with tcpdump, trying to track this
one down...)

-- 
Brian 'you Bastard' Reichert<[EMAIL PROTECTED]>
37 Crystal Ave. #303Daytime number: (603) 434-6842
Derry NH 03038-1713 USA Intel architecture: the left-hand path



Apache::AuthCookieDBI not sending cookies?

2002-05-21 Thread Brian Reichert

I've pawed though the archives, to no avail...

I've almost, but not quite, have Apache::AuthCookieDBI working for
me.

The symptom I'm seeing (to my eye) is that my browser is never
getting cookies sent back to it, even if I hand login.pl a valid
user/password.  (So I infer from the final error message; see below.)

Details of my setup:

  Apache::AuthCookieDBI 1.18

  $ httpd -v
  Server version: Apache/1.3.12 Cobalt (Unix) (please don't laugh)
  Server built:   May 25 2001 17:23:24

In my httpd.conf:

  
SetHandler perl-script
PerlHandler Apache::Registry
Options ExecCGI
PerlSendHeader On
  
  
  PerlSetVar CredTestDBI_DSN "DBI:mysql:database=devel_db"
  PerlSetVar CredTestDBI_User ""
  PerlSetVar CredTestDBI_Password "xx"
  PerlSetVar CredTestDBI_UsersTable "cred_test_user"
  PerlSetVar CredTestDBI_GroupsTable "cred_test_group"
  PerlSetVar CredTestDBI_SecretKeyFile "/home/sites/siteNN/cred_auth.key"
  
  PerlSetVar CredTestPath /
  PerlSetVar CredTestLoginScript /cgi-bin/login.pl
  
  PerlSetVar AuthCookieDebug 3
  
  PerlModule Apache::AuthCookieDBI
  
  
AuthType Apache::AuthCookieDBI
AuthName CredTest
PerlAuthenHandler Apache::AuthCookieDBI->authenticate
PerlAuthzHandler Apache::AuthCookieDBI->authorize
require valid-user
  
  
  
  AuthType Apache::AuthCookieDBI
AuthName CredTest
SetHandler perl-script
PerlHandler Apache::AuthCookieDBI->login
  

When I make a request for /credentials/private/index.html, I indeed
get the login page.  My (slightly sanitized) web log shows:

  [Wed May 22 01:15:59 2002] [error] auth_type Apache::AuthCookieDBI
  [Wed May 22 01:15:59 2002] [error] auth_name CredTest
  [Wed May 22 01:15:59 2002] [error] ses_key_cookie 
  [Wed May 22 01:15:59 2002] [error] uri /credentials/private/index.html

I then fill in the fields, and hit 'submit':

  [Wed May 22 01:16:03 2002] [error] Converting POST -> GET

Now, my browser's connection hangs for a few minutes, ultimately
yielding no data.  If I get impatient, and terminate things
browser-side; my web log then shows:

  [Wed May 22 01:16:26 2002] [error] credential_0 foo
  [Wed May 22 01:16:26 2002] [error] credential_1 bar
  [Wed May 22 01:16:26 2002] [error] access to /LOGIN failed for
  NNN.NNN.NNN.NNN, reason: Apache::AuthCookieDBI: didn't have the
  secret key for auth realm CredTest
  [Wed May 22 01:16:26 2002] [error] ses_key bad

I get these same result with two different browsers, and using the
example login.pl programs that come with Apache::AuthCookieDBI and
Apache::AuthCookie.

Does anyone have any insight on what I'm _supposed_ to be seeing?

-- 
Brian 'you Bastard' Reichert<[EMAIL PROTECTED]>
37 Crystal Ave. #303Daytime number: (603) 434-6842
Derry NH 03038-1713 USA Intel architecture: the left-hand path



Re: Any known gotchas with sending cookies?

2002-05-01 Thread karnurme


> This works fine for the first access. Subsequently, I wipe out the
> backend database to see if a new session is correctly created. A new
> session is created as expected, but the problem is that the new cookie
> does not seem to stick to the browser. I've verified that this doesn't
...
> Is there any known gotchas for this type of thing? Or am I missing
> something?

Could this be a redirection problem? One gotcha that I learned was that:
my $method = ($is_redirection) ? 'err_headers_out' : 'headers_out';
$r->$method->add("Set-Cookie" => $cookie->as_string);


I don't know if this is similar to what I did, but here you go anyhow:

sub hash_to_cookies {
my ($r, $hashref) = @_;
my $is_redirection = (@_) ? shift : undef;
my $method = ($is_redirection) ? 'err_headers_out' : 'headers_out';
# From Apache::Cookie documentation:
# $cookie->bake is same as $r->err_headers_out->add("Set-Cookie" =>
$cookie->as_string);
# Guide: You should use err_headers_out() and not headers_out()
# when you want to send cookies in the REDIRECT response.
my ($cookie);
foreach my $key (keys %{$hashref}) {
$cookie = Apache::Cookie->new(  $r,
-name   => $key,
-value  => $hashref->{$key},
-path   => '/');
$r->$method->add("Set-Cookie" => $cookie->as_string);
}
}
sub hash_to_cookies_OK {hash_to_cookies(@_);}
sub hash_to_cookies_REDIRECT {hash_to_cookies(@_, 1);}


-- 

Kari Nurmela,
[EMAIL PROTECTED], (02) 333 8847 / (0400) 786 547




Re: Any known gotchas with sending cookies?

2002-04-29 Thread Daisuke Maki
hmm, I still can't$B!!(Bget it to work, but it somehow works under LWP. the
following code actually gets the cookie correctly, and no bogus sessions
are created in my server. any ideas??

use strict;
use LWP::UserAgent;

my $ua = LWP::UserAgent->new();
$ua->cookie_jar({ file => "$ENV{ HOME }/cookies.txt", autosave => 1 });
my $req = HTTP::Request->new( GET => 'http://foobar.com' );
my $res = $ua->request( $req );

print $res->as_string;

print $ua->cookie_jar->as_string, "\n";

--d

Daisuke Maki wrote:
> I'm really lost with this...
> 
> I'm trying to set a session cookie from PerlAccessHandler. I'm basically
> doing (simplified code):
> 
>   my $cookie_jar = Apache::Cookie->fetch
>   my $session_id = $cookie_jar->{ session }->value;
> 
>   if( !session_active( $session_id ) ) {
>   my $session_obj = create_session_obj(); ## create and store new
> session
>   my $cookie  = Apache::Cookie->new(
>   $r,
>   -name=> 'session',
>   -value   => $session_obj->id,
>   -path=> '/',
>   -domain  => 'my.domain.com',
>   -expires => '+30m'
>   );
> 
>   $r->headers_out->add( "Set-Cookie" => $cookie->as_string );
>   }
>   return DECLINED;
> 
> This works fine for the first access. Subsequently, I wipe out the
> backend database to see if a new session is correctly created. A new
> session is created as expected, but the problem is that the new cookie
> does not seem to stick to the browser. I've verified that this doesn't
> seem to be a browser issue, as I have problems with all browsers that I
> have ( IE5.5, IE6, Mozilla 1.0rc)
> 
> Is there any known gotchas for this type of thing? Or am I missing
> something?
> 
> TIA,
> --d
> 
> 


Any known gotchas with sending cookies?

2002-04-29 Thread Daisuke Maki

I'm really lost with this...

I'm trying to set a session cookie from PerlAccessHandler. I'm basically
doing (simplified code):

  my $cookie_jar = Apache::Cookie->fetch
  my $session_id = $cookie_jar->{ session }->value;

  if( !session_active( $session_id ) ) {
  my $session_obj = create_session_obj(); ## create and store new
session
  my $cookie  = Apache::Cookie->new(
  $r,
  -name=> 'session',
  -value   => $session_obj->id,
  -path=> '/',
  -domain  => 'my.domain.com',
  -expires => '+30m'
  );

  $r->headers_out->add( "Set-Cookie" => $cookie->as_string );
  }
  return DECLINED;

This works fine for the first access. Subsequently, I wipe out the
backend database to see if a new session is correctly created. A new
session is created as expected, but the problem is that the new cookie
does not seem to stick to the browser. I've verified that this doesn't
seem to be a browser issue, as I have problems with all browsers that I
have ( IE5.5, IE6, Mozilla 1.0rc)

Is there any known gotchas for this type of thing? Or am I missing
something?

TIA,
--d


RE: Cookies and IE in mod_perl

2002-03-27 Thread Rob Bloodgood

> I've determined that it isn't the redirect causing the cookies not
> to be set.  If I take out the redirect, and just try to set a cookie
> w/o a redirect, it still doesn't set the cookies in IE.  Does M$
> have any docs on how IE6 handles cookies that I can look this up on?

YES, they do.
You have to setup the Privacy Policy,
which means you have to have a P3P header coming out of your webserver with
each request.

You'll want to lookup the details and docs, and PLEASE customize for your
own website, but...

*I* fixed this by adding this to my httpd.conf (and I got it from this
mailing list anyway :-):

# P3P Policy (required for IE6 to accept our cookies)
Header add P3P "CP=\"NOI DSP COR CURa PSDa OUR NOR NAV STA\""

This requires mod_headers to be loaded or compiled into Apache.

Good luck!

L8r,
Rob

#!/usr/bin/perl -w
use Disclaimer qw/:standard/;





Re: Cookies and IE in mod_perl

2002-03-24 Thread Balazs Rauznitz

On Sun, Mar 24, 2002 at 01:44:51PM -0500, Jesse and Rebecca Stay wrote:
> I've determined that it isn't the redirect causing the cookies not to be set. 
>  If I take out the redirect, and just try to set a cookie w/o a redirect, it 
> still doesn't set the cookies in IE.  Does M$ have any docs on how IE6 
> handles cookies that I can look this up on?

http://www.microsoft.com/presspass/press/2001/mar01/PrivacyToolsIEfs.asp

Balazs



Re: Cookies and IE in mod_perl

2002-03-24 Thread Michael Robinton



On Sat, 23 Mar 2002, Jesse and Rebecca Stay wrote:

> Ok - I got rid of the Apache::Cookie stuff, and am now doing things manually,
> but it still doesn't generate a cookie in IE.  It still works in Netscape.  I
> get a redirect, but no cookie.  Here is my code:
>
> my $r = Apache->request;
>
> $r->content_type('text/html');
> $r->err_headers_out->add('Set-Cookie' => 'userSession=test;
> domain=.hainesfamily.org; path=/; expires=Mon, 25-Mar-2002 03:30:43 GMT');
> $r->headers_out->add(Location => $redir);
> $r->status(REDIRECT);
> $r->send_http_header;
>
> my $headers_out = $r->headers_out;
> foreach (keys %$headers_out) {
> warn "$_=$headers_out->{$_}";
> }
>
> return OK;

I think this should be
  return 302;





Re: Cookies and IE in mod_perl

2002-03-24 Thread Jesse and Rebecca Stay

I've determined that it isn't the redirect causing the cookies not to be set. 
 If I take out the redirect, and just try to set a cookie w/o a redirect, it 
still doesn't set the cookies in IE.  Does M$ have any docs on how IE6 
handles cookies that I can look this up on?

On Saturday 23 March 2002 11:48 pm, Cees Hek wrote:
> Some browsers don't accept cookies sent allong with a redirect header.
> A simple workaround is to leave your cookie in the header, but move the
> redirect to a META HTTP-EQUIV tag in a blank HTML document.
>
> I'm not sure if IE 6.0 suffers from this but I suspect that this is your
> problem.  So this isn't really a mod_perl problem, but likely a browser
> problem.
>
> Also, if you want to see exactly what headers your apache server is
> sending out, or headers your client is sending in, have a look at
> Apache::DumpHeaders.  It saves putting those warn statements in your
> code.
>
> Cees
>
> On Sun, 2002-03-24 at 14:44, Jesse and Rebecca Stay wrote:
> > Ok - I got rid of the Apache::Cookie stuff, and am now doing things
> > manually, but it still doesn't generate a cookie in IE.  It still works
> > in Netscape.  I get a redirect, but no cookie.  Here is my code:
> >
> > my $r = Apache->request;
> >
> > $r->content_type('text/html');
> > $r->err_headers_out->add('Set-Cookie' => 'userSession=test;
> > domain=.hainesfamily.org; path=/; expires=Mon, 25-Mar-2002 03:30:43
> > GMT'); $r->headers_out->add(Location => $redir);
> > $r->status(REDIRECT);
> > $r->send_http_header;
> >
> > my $headers_out = $r->headers_out;
> > foreach (keys %$headers_out) {
> > warn "$_=$headers_out->{$_}";
> > }
> >
> > return OK;
> >
> > The warn produces the following:
> >
> > Set-Cookie=userSession=test; domain=.domain.org; path=/; expires=Mon,
> > 25-Mar-2002 03:30:43 GMT at /path/to/script.pm line 326.
> > Location=/r/common/loginWelcome at /path/to/script.pm line 326.
> > Connection=close at /path/to/script.pm line 326.
> > Transfer-Encoding=chunked at /path/to/script.pm line 326.
> > Content-Type=text/html at /path/to/script.pm line 326.
> >
> > Am I doing something wrong???
> >
> > -Jesse Stay
> >
> > On Saturday 23 March 2002 06:43 pm, Eric Frazier wrote:
> > > Strong suggestion. Look at an existing cookie that works in IE
> > > whatever, copy it, then look at the header that Apache::Cookie is
> > > making. This oop cookie crap really bugs me since a cookie is just a
> > > stupid header line, not that big of a deal to parse, or write by hand.
> > > Abscraction is for things that make good objects and that are HARD,
> > > cookies in my opinon don't fit into that category.
> > > I strongly bet it has to do with the expire date, also look at the
> > > docs, and the code itself under the expires sub. I haven't done e com
> > > crap for a while now, but I had lots of trouble getting IE to get it
> > > right. Remember Netscape invented the cookie, then IE had to go and
> > > tweak with it.
> > >
> > >
> > > Eric
> > >
> > > At 09:21 PM 3/23/02 -0500, Jesse and Rebecca Stay wrote:
> > > >I guess in particular, does anyone know of any known issues with
> > > >Apache::Cookie and IE6.0 (or any other versions)?
> > > >
> > > >On Saturday 23 March 2002 07:09 pm, Jesse and Rebecca Stay wrote:
> > > >> Here is the code I use (in this particular case it is being used
> > > >> with a redirect, but it doesn't work in any case.):
> > > >>
> > > >>
> > > >>my $cookieContent = Apache::Cookie->new(
> > > >>  $r,
> > > >>  -name=> 'userSession',
> > > >>  -value   => $cookieValue,
> > > >>  -expires => '+365d');
> > > >>
> > > >>$cookieContent->bake();
> > > >>
> > > >> $r->headers_out->set(Location => $redir);
> > > >> $r->status(REDIRECT);
> > > >> $r->send_http_header;
> > > >> return OK;
> > > >>
> > > >> I tried expires => '+1Y', but that didn't work either.  Adding the
> > > >> domain doesn't do anything either.
> > > &

Re: Cookies and IE in mod_perl

2002-03-23 Thread Cees Hek


Some browsers don't accept cookies sent allong with a redirect header. 
A simple workaround is to leave your cookie in the header, but move the
redirect to a META HTTP-EQUIV tag in a blank HTML document.  

I'm not sure if IE 6.0 suffers from this but I suspect that this is your
problem.  So this isn't really a mod_perl problem, but likely a browser
problem.

Also, if you want to see exactly what headers your apache server is
sending out, or headers your client is sending in, have a look at
Apache::DumpHeaders.  It saves putting those warn statements in your
code.

Cees


On Sun, 2002-03-24 at 14:44, Jesse and Rebecca Stay wrote:
> Ok - I got rid of the Apache::Cookie stuff, and am now doing things manually, 
> but it still doesn't generate a cookie in IE.  It still works in Netscape.  I 
> get a redirect, but no cookie.  Here is my code:
> 
> my $r = Apache->request;
> 
> $r->content_type('text/html');
> $r->err_headers_out->add('Set-Cookie' => 'userSession=test; 
> domain=.hainesfamily.org; path=/; expires=Mon, 25-Mar-2002 03:30:43 GMT');
> $r->headers_out->add(Location => $redir);
> $r->status(REDIRECT);
> $r->send_http_header;
> 
> my $headers_out = $r->headers_out;
> foreach (keys %$headers_out) {
> warn "$_=$headers_out->{$_}";
> }
> 
> return OK;
> 
> The warn produces the following:
> 
> Set-Cookie=userSession=test; domain=.domain.org; path=/; expires=Mon, 
> 25-Mar-2002 03:30:43 GMT at /path/to/script.pm line 326.
> Location=/r/common/loginWelcome at /path/to/script.pm line 326.
> Connection=close at /path/to/script.pm line 326.
> Transfer-Encoding=chunked at /path/to/script.pm line 326.
> Content-Type=text/html at /path/to/script.pm line 326.
> 
> Am I doing something wrong???
> 
> -Jesse Stay
> 
> On Saturday 23 March 2002 06:43 pm, Eric Frazier wrote:
> > Strong suggestion. Look at an existing cookie that works in IE whatever,
> > copy it, then look at the header that Apache::Cookie is making.
> > This oop cookie crap really bugs me since a cookie is just a stupid header
> > line, not that big of a deal to parse, or write by hand.
> > Abscraction is for things that make good objects and that are HARD, cookies
> > in my opinon don't fit into that category.
> > I strongly bet it has to do with the expire date, also look at the docs,
> > and the code itself under the expires sub. I haven't done e com crap for a
> > while now, but I had lots of trouble getting IE to get it right. Remember
> > Netscape invented the cookie, then IE had to go and tweak with it.
> >
> >
> > Eric
> >
> > At 09:21 PM 3/23/02 -0500, Jesse and Rebecca Stay wrote:
> > >I guess in particular, does anyone know of any known issues with
> > >Apache::Cookie and IE6.0 (or any other versions)?
> > >
> > >On Saturday 23 March 2002 07:09 pm, Jesse and Rebecca Stay wrote:
> > >> Here is the code I use (in this particular case it is being used with a
> > >> redirect, but it doesn't work in any case.):
> > >>
> > >>
> > >>my $cookieContent = Apache::Cookie->new(
> > >>  $r,
> > >>  -name=> 'userSession',
> > >>  -value   => $cookieValue,
> > >>  -expires => '+365d');
> > >>
> > >>$cookieContent->bake();
> > >>
> > >> $r->headers_out->set(Location => $redir);
> > >> $r->status(REDIRECT);
> > >> $r->send_http_header;
> > >> return OK;
> > >>
> > >> I tried expires => '+1Y', but that didn't work either.  Adding the
> > >> domain doesn't do anything either.
> > >>
> > >> On Saturday 23 March 2002 06:44 pm, Frank Wiles wrote:
> > >> > On Sat, 23 Mar 2002 18:52:14 -0500 Jesse and Rebecca Stay
> > >>
> > >> <[EMAIL PROTECTED]> wrote:
> > >> > > Has anyone had any issues in getting cookies to work with IE using
> > >> > > mod_perl? I have tried using both CGI::Cookie and Apache::Cookie,
> > >> > > and in both instances it works just fine under Netscape, but on IE
> > >> > > it doesn't even try to set the cookie.  Any ideas?
> > >> >
> > >> >What are you expire times on your cookies? We ran into a situation
> > >> > where I work that all of the Windows machines were in the wrong time
> > >> > zone and with a 2 hour expire, IE would not set the cookie because it
> > >> > thought it was already expired.  Netscape would however set the cookie
> > >> > anyway.
> > >> >
> > >> >This may not be your problem, but it may be something to think
> > >> > about.
> > >> >
> > >> >  -
> > >> >Frank Wiles <[EMAIL PROTECTED]>
> > >> >http://frank.wiles.org
> > >> >  -
> >
> > http://www.kwinternet.com/eric
> > (250) 655 - 9513 (PST Time Zone)





Re: Fw: Re: Cookies and IE in mod_perl

2002-03-23 Thread Dzuy Nguyen



There are different security levels that must be set.  You can also specifically
tell the browser to accept
all cookies from a particular domain.  There is an article on MS site about
this.  I forgot what it was.
You can probably search for it on google.

Frank Wiles wrote:
[EMAIL PROTECTED]">
  On Sat, 23 Mar 2002 18:52:14 -0500 Jesse and Rebecca Stay <[EMAIL PROTECTED]> wrote:
  
Has anyone had any issues in getting cookies to work with IE using mod_perl?  I have tried using both CGI::Cookie and Apache::Cookie, and in both instances it works just fine under Netscape, but on IE it doesn't even try to set the cookie.  Any ideas?

   What are you expire times on your cookies? We ran into a situation where   I work that all of the Windows machines were in the wrong time zoneand with a 2 hour expire, IE would not set the cookie because it thought   it was already expired.  Netscape would however set the cookie anyway.This may not be your problem, but it may be something to think about.  -   Frank Wiles <[EMAIL PROTECTED]>   http://frank.wiles.org -






Re: Cookies and IE in mod_perl

2002-03-23 Thread Jesse and Rebecca Stay

Ok - I got rid of the Apache::Cookie stuff, and am now doing things manually, 
but it still doesn't generate a cookie in IE.  It still works in Netscape.  I 
get a redirect, but no cookie.  Here is my code:

my $r = Apache->request;

$r->content_type('text/html');
$r->err_headers_out->add('Set-Cookie' => 'userSession=test; 
domain=.hainesfamily.org; path=/; expires=Mon, 25-Mar-2002 03:30:43 GMT');
$r->headers_out->add(Location => $redir);
$r->status(REDIRECT);
$r->send_http_header;

my $headers_out = $r->headers_out;
foreach (keys %$headers_out) {
warn "$_=$headers_out->{$_}";
}

return OK;

The warn produces the following:

Set-Cookie=userSession=test; domain=.domain.org; path=/; expires=Mon, 
25-Mar-2002 03:30:43 GMT at /path/to/script.pm line 326.
Location=/r/common/loginWelcome at /path/to/script.pm line 326.
Connection=close at /path/to/script.pm line 326.
Transfer-Encoding=chunked at /path/to/script.pm line 326.
Content-Type=text/html at /path/to/script.pm line 326.

Am I doing something wrong???

-Jesse Stay

On Saturday 23 March 2002 06:43 pm, Eric Frazier wrote:
> Strong suggestion. Look at an existing cookie that works in IE whatever,
> copy it, then look at the header that Apache::Cookie is making.
> This oop cookie crap really bugs me since a cookie is just a stupid header
> line, not that big of a deal to parse, or write by hand.
> Abscraction is for things that make good objects and that are HARD, cookies
> in my opinon don't fit into that category.
> I strongly bet it has to do with the expire date, also look at the docs,
> and the code itself under the expires sub. I haven't done e com crap for a
> while now, but I had lots of trouble getting IE to get it right. Remember
> Netscape invented the cookie, then IE had to go and tweak with it.
>
>
> Eric
>
> At 09:21 PM 3/23/02 -0500, Jesse and Rebecca Stay wrote:
> >I guess in particular, does anyone know of any known issues with
> >Apache::Cookie and IE6.0 (or any other versions)?
> >
> >On Saturday 23 March 2002 07:09 pm, Jesse and Rebecca Stay wrote:
> >> Here is the code I use (in this particular case it is being used with a
> >> redirect, but it doesn't work in any case.):
> >>
> >>
> >>my $cookieContent = Apache::Cookie->new(
> >>  $r,
> >>  -name=> 'userSession',
> >>  -value   => $cookieValue,
> >>  -expires => '+365d');
> >>
> >>$cookieContent->bake();
> >>
> >> $r->headers_out->set(Location => $redir);
> >> $r->status(REDIRECT);
> >> $r->send_http_header;
> >> return OK;
> >>
> >> I tried expires => '+1Y', but that didn't work either.  Adding the
> >> domain doesn't do anything either.
> >>
> >> On Saturday 23 March 2002 06:44 pm, Frank Wiles wrote:
> >> > On Sat, 23 Mar 2002 18:52:14 -0500 Jesse and Rebecca Stay
> >>
> >> <[EMAIL PROTECTED]> wrote:
> >> > > Has anyone had any issues in getting cookies to work with IE using
> >> > > mod_perl? I have tried using both CGI::Cookie and Apache::Cookie,
> >> > > and in both instances it works just fine under Netscape, but on IE
> >> > > it doesn't even try to set the cookie.  Any ideas?
> >> >
> >> >What are you expire times on your cookies? We ran into a situation
> >> > where I work that all of the Windows machines were in the wrong time
> >> > zone and with a 2 hour expire, IE would not set the cookie because it
> >> > thought it was already expired.  Netscape would however set the cookie
> >> > anyway.
> >> >
> >> >This may not be your problem, but it may be something to think
> >> > about.
> >> >
> >> >  -
> >> >Frank Wiles <[EMAIL PROTECTED]>
> >> >http://frank.wiles.org
> >> >  -
>
> http://www.kwinternet.com/eric
> (250) 655 - 9513 (PST Time Zone)



Re: Cookies and IE in mod_perl

2002-03-23 Thread Jesse and Rebecca Stay

I guess in particular, does anyone know of any known issues with 
Apache::Cookie and IE6.0 (or any other versions)?

On Saturday 23 March 2002 07:09 pm, Jesse and Rebecca Stay wrote:
> Here is the code I use (in this particular case it is being used with a
> redirect, but it doesn't work in any case.):
>
>
>my $cookieContent = Apache::Cookie->new(
>  $r,
>  -name=> 'userSession',
>  -value   => $cookieValue,
>  -expires => '+365d');
>
>$cookieContent->bake();
>
> $r->headers_out->set(Location => $redir);
> $r->status(REDIRECT);
> $r->send_http_header;
> return OK;
>
> I tried expires => '+1Y', but that didn't work either.  Adding the domain
> doesn't do anything either.
>
> On Saturday 23 March 2002 06:44 pm, Frank Wiles wrote:
> > On Sat, 23 Mar 2002 18:52:14 -0500 Jesse and Rebecca Stay
>
> <[EMAIL PROTECTED]> wrote:
> > > Has anyone had any issues in getting cookies to work with IE using
> > > mod_perl? I have tried using both CGI::Cookie and Apache::Cookie, and
> > > in both instances it works just fine under Netscape, but on IE it
> > > doesn't even try to set the cookie.  Any ideas?
> >
> >What are you expire times on your cookies? We ran into a situation
> > where I work that all of the Windows machines were in the wrong time zone
> > and with a 2 hour expire, IE would not set the cookie because it thought
> > it was already expired.  Netscape would however set the cookie anyway.
> >
> >This may not be your problem, but it may be something to think about.
> >
> >  -
> >Frank Wiles <[EMAIL PROTECTED]>
> >http://frank.wiles.org
> >  -



Re: Cookies and IE in mod_perl

2002-03-23 Thread Jesse and Rebecca Stay

Here is the code I use (in this particular case it is being used with a 
redirect, but it doesn't work in any case.):


   my $cookieContent = Apache::Cookie->new(
 $r,
 -name=> 'userSession',
 -value   => $cookieValue,
 -expires => '+365d');

   $cookieContent->bake();

$r->headers_out->set(Location => $redir);
$r->status(REDIRECT);
$r->send_http_header;
return OK; 

I tried expires => '+1Y', but that didn't work either.  Adding the domain 
doesn't do anything either.

On Saturday 23 March 2002 06:44 pm, Frank Wiles wrote:
> On Sat, 23 Mar 2002 18:52:14 -0500 Jesse and Rebecca Stay 
<[EMAIL PROTECTED]> wrote:
> > Has anyone had any issues in getting cookies to work with IE using
> > mod_perl? I have tried using both CGI::Cookie and Apache::Cookie, and in
> > both instances it works just fine under Netscape, but on IE it doesn't
> > even try to set the cookie.  Any ideas?
>
>What are you expire times on your cookies? We ran into a situation where
>I work that all of the Windows machines were in the wrong time zone
>and with a 2 hour expire, IE would not set the cookie because it thought
>it was already expired.  Netscape would however set the cookie anyway.
>
>This may not be your problem, but it may be something to think about.
>
>  -
>Frank Wiles <[EMAIL PROTECTED]>
>http://frank.wiles.org
>  -



Fw: Re: Cookies and IE in mod_perl

2002-03-23 Thread Frank Wiles

On Sat, 23 Mar 2002 18:52:14 -0500 Jesse and Rebecca Stay <[EMAIL PROTECTED]> wrote:

> Has anyone had any issues in getting cookies to work with IE using mod_perl?  
> I have tried using both CGI::Cookie and Apache::Cookie, and in both instances 
> it works just fine under Netscape, but on IE it doesn't even try to set the 
> cookie.  Any ideas?

   What are you expire times on your cookies? We ran into a situation where
   I work that all of the Windows machines were in the wrong time zone 
   and with a 2 hour expire, IE would not set the cookie because it thought
   it was already expired.  Netscape would however set the cookie anyway. 

   This may not be your problem, but it may be something to think about. 

 -
   Frank Wiles <[EMAIL PROTECTED]>
   http://frank.wiles.org
 -





Cookies and IE in mod_perl

2002-03-23 Thread Jesse and Rebecca Stay

Has anyone had any issues in getting cookies to work with IE using mod_perl?  
I have tried using both CGI::Cookie and Apache::Cookie, and in both instances 
it works just fine under Netscape, but on IE it doesn't even try to set the 
cookie.  Any ideas?

-Jesse Stay



Re: Cookies and redirects

2002-03-13 Thread Enrico Sorcinelli

On Tue, 12 Mar 2002 16:23:57 +0100
Axel Andersson <[EMAIL PROTECTED]> wrote:

> Hello,
> I'm having trouble with both setting a cookie and redirecting the user to
> another page at the same time. It would appear the cookie is only sent
> when a normal header is sent by server.
> 
> If I do the following (having baked the cookie first), where $r is the
> Apache->request() object:
> 
>   $r->content_type("text/html; charset=iso-8859-1");
>   $r->send_http_header();
> 

Hi,
a common trick to solve this is to use err_header_out() request method. For example:

use Apache::Constants qw(:common);
$r->err_header_out("Set-Cookie" => $my_cookie );
$r->custom_response(SERVER_ERROR, $my_custom_redir_location);
return SERVER_ERROR;

Bye
Enrico

=
Enrico Sorcinelli - Gruppo E-Comm - Italia On Line S.p.a.
E-Mail: [EMAIL PROTECTED] - [EMAIL PROTECTED]
=



Re: Cookies and redirects

2002-03-12 Thread Hans Poo

El Mar 12 Mar 2002 11:23, Axel Andersson escribió:
> Hello,
> I'm having trouble with both setting a cookie and redirecting the user to
> another page at the same time. It would appear the cookie is only sent
> when a normal header is sent by server.
>
> If I do the following (having baked the cookie first), where $r is the
> Apache->request() object:
>
>   $r->content_type("text/html; charset=iso-8859-1");
>   $r->send_http_header();
>
> I get this header:
>
>   Connection: close
>   Date: Tue, 12 Mar 2002 10:39:05 GMT
>   Server: Apache/1.3.23 (Unix) mod_perl/1.26
>   Content-Type: text/html; charset=iso-8859-1
>   Client-Date: Tue, 12 Mar 2002 10:39:05 GMT
>   Client-Response-Num: 1
>   Client-Transfer-Encoding: chunked
>   Set-Cookie: user=12::7c786c222596437b; domain=animanga.nu; path=/;
> expires=Wed,
>   12-Mar-2003 10:39:05 GMT
>
> Very nice and all, with cookie set. However, doing:
>
>   $r->method_number(M_GET);
>   $r->method("GET");
>   $r->headers_in->unset("Content-length");
>   $r->headers_out->add("Location" => "/users.pl");
>   $r->status(REDIRECT);
>   $r->send_http_header();
>
> Which I gather is the normal way to redirect a user, I get this header:
>
>   Connection: close
>   Date: Tue, 12 Mar 2002 10:38:36 GMT
>   Server: Apache/1.3.23 (Unix) mod_perl/1.26
>   Content-Type: text/html; charset=iso-8859-1
>   Client-Date: Tue, 12 Mar 2002 10:38:36 GMT
>   Client-Response-Num: 1
>   Client-Transfer-Encoding: chunked
>
> Right, no Set-cookie there. So what's up? How do I redirect a browser,
> and set a cookie at the same time?
>
> Thanks in advance,
> Axel Andersson

Have you tried printing the headers_out hashref after sending the http header 
to see if the cookie is there ?.

my $headers_out = $r->headers_out;
foreach (keys %$headers_out) {
warn "$_=$headers_out->{$_}";
}

Hans



Re: Cookies and redirects

2002-03-12 Thread Geoffrey Young


> Geoff: I think I did this with my own module with no success... I'd end
> up with an extra set of headers, if I was _lucky_...  

perhaps that is due to a general misunderstanding of err_headers_out -
they are sent _even_ on Apache errors (of which REDIRECT is considered
one), not _only_ on errors.  so, if you were setting headers_out to
capture normal transactions and err_headers_out for errors, you might
get an extra set of headers if you were not careful in your own coding
methodology.

> Also, when I got
> it to redirect OK, even when I saw the cookie, sometimes the browser
> would not eat the cookie properly...  I don't have more specific
> details, because this was months ago and the project was not (then)
> under CVS control (now it is, of course)...

well, details are good :) this sounds like a browser issue, though -
if you populate the err_headers_out table with a cookie it will be
presented to the client on a REDIRECT response.

nevertheless, Axel emailed me privately saying that err_headers_out()
solved his issues.

--Geoff



Re: Cookies and redirects

2002-03-12 Thread Issac Goldstand

Geoffrey Young wrote:

>Axel Andersson wrote:
>
>>Hello,
>>I'm having trouble with both setting a cookie and redirecting the user to
>>another page at the same time. It would appear the cookie is only sent
>>when a normal header is sent by server.
>>
>
>this is a common problem - you have to add the cookie to the
>err_headers_out table instead of the headers_out table. 
>
>if you are using Apache::Cookie then this is done for you, otherwise
>you have to populate the correct set of headers.
>
>see 
>
>http://perl.apache.org/guide/snippets.html#Sending_Cookies_in_REDIRECT_Resp
>
>or Recipes 3.7 and 3.13 in the mod_perl cookbook
>
>--Geoff
>
Geoff: I think I did this with my own module with no success... I'd end 
up with an extra set of headers, if I was _lucky_...  Also, when I got 
it to redirect OK, even when I saw the cookie, sometimes the browser 
would not eat the cookie properly...  I don't have more specific 
details, because this was months ago and the project was not (then) 
under CVS control (now it is, of course)...

  Issac





Re: Cookies and redirects

2002-03-12 Thread Issac Goldstand

Well, I ran into this problem a while back... I solved it by baking my 
cookies and sening a Refresh: header to the browser.  The format is the 
same as the more popularly used META tag. (eg "Refresh: $time;url=$url")
For example, to immediately redirect from /foo to /bar while setting a 
cookie, I'd do something like:

$cookie->bake;
$r->header_out("Refresh"=>"0;url=bar");
$r->send_http_header;
return OK;

VERY IMPORTANT: Make sure you type url= in lowercase.  It's usually case 
sensitive.

  Issac

Axel Andersson wrote:

>Hello,
>I'm having trouble with both setting a cookie and redirecting the user to
>another page at the same time. It would appear the cookie is only sent
>when a normal header is sent by server.
>
>If I do the following (having baked the cookie first), where $r is the
>Apache->request() object:
>
>   $r->content_type("text/html; charset=iso-8859-1");
>   $r->send_http_header();
>
>I get this header:
>
>  Connection: close
>  Date: Tue, 12 Mar 2002 10:39:05 GMT
>  Server: Apache/1.3.23 (Unix) mod_perl/1.26
>  Content-Type: text/html; charset=iso-8859-1
>  Client-Date: Tue, 12 Mar 2002 10:39:05 GMT
>  Client-Response-Num: 1
>  Client-Transfer-Encoding: chunked
>  Set-Cookie: user=12::7c786c222596437b; domain=animanga.nu; path=/;
>expires=Wed, 
>  12-Mar-2003 10:39:05 GMT
>
>Very nice and all, with cookie set. However, doing:
>
>   $r->method_number(M_GET);
>   $r->method("GET");
>   $r->headers_in->unset("Content-length");
>   $r->headers_out->add("Location" => "/users.pl");
>   $r->status(REDIRECT);
>   $r->send_http_header();
>
>Which I gather is the normal way to redirect a user, I get this header:
>
>  Connection: close
>  Date: Tue, 12 Mar 2002 10:38:36 GMT
>  Server: Apache/1.3.23 (Unix) mod_perl/1.26
>  Content-Type: text/html; charset=iso-8859-1
>  Client-Date: Tue, 12 Mar 2002 10:38:36 GMT
>  Client-Response-Num: 1
>  Client-Transfer-Encoding: chunked
>
>Right, no Set-cookie there. So what's up? How do I redirect a browser,
>and set a cookie at the same time?
>
>Thanks in advance,
>Axel Andersson
>






Re: Cookies and redirects

2002-03-12 Thread Geoffrey Young

Axel Andersson wrote:
> 
> Hello,
> I'm having trouble with both setting a cookie and redirecting the user to
> another page at the same time. It would appear the cookie is only sent
> when a normal header is sent by server.
> 

this is a common problem - you have to add the cookie to the
err_headers_out table instead of the headers_out table. 

if you are using Apache::Cookie then this is done for you, otherwise
you have to populate the correct set of headers.

see 

http://perl.apache.org/guide/snippets.html#Sending_Cookies_in_REDIRECT_Resp

or Recipes 3.7 and 3.13 in the mod_perl cookbook

--Geoff



Cookies and redirects

2002-03-12 Thread Axel Andersson

Hello,
I'm having trouble with both setting a cookie and redirecting the user to
another page at the same time. It would appear the cookie is only sent
when a normal header is sent by server.

If I do the following (having baked the cookie first), where $r is the
Apache->request() object:

$r->content_type("text/html; charset=iso-8859-1");
$r->send_http_header();

I get this header:

  Connection: close
  Date: Tue, 12 Mar 2002 10:39:05 GMT
  Server: Apache/1.3.23 (Unix) mod_perl/1.26
  Content-Type: text/html; charset=iso-8859-1
  Client-Date: Tue, 12 Mar 2002 10:39:05 GMT
  Client-Response-Num: 1
  Client-Transfer-Encoding: chunked
  Set-Cookie: user=12::7c786c222596437b; domain=animanga.nu; path=/;
expires=Wed, 
  12-Mar-2003 10:39:05 GMT

Very nice and all, with cookie set. However, doing:

$r->method_number(M_GET);
$r->method("GET");
$r->headers_in->unset("Content-length");
$r->headers_out->add("Location" => "/users.pl");
$r->status(REDIRECT);
$r->send_http_header();

Which I gather is the normal way to redirect a user, I get this header:

  Connection: close
  Date: Tue, 12 Mar 2002 10:38:36 GMT
  Server: Apache/1.3.23 (Unix) mod_perl/1.26
  Content-Type: text/html; charset=iso-8859-1
  Client-Date: Tue, 12 Mar 2002 10:38:36 GMT
  Client-Response-Num: 1
  Client-Transfer-Encoding: chunked

Right, no Set-cookie there. So what's up? How do I redirect a browser,
and set a cookie at the same time?

Thanks in advance,
Axel Andersson

-- 
[EMAIL PROTECTED]
http://www.animanga.nu/morris/

38. Feel cosmos as translucent ever-living presence




  1   2   3   4   >