RE: Cookies and IE in mod_perl
I've determined that it isn't the redirect causing the cookies not to be set. If I take out the redirect, and just try to set a cookie w/o a redirect, it still doesn't set the cookies in IE. Does M$ have any docs on how IE6 handles cookies that I can look this up on? YES, they do. You have to setup the Privacy Policy, which means you have to have a P3P header coming out of your webserver with each request. You'll want to lookup the details and docs, and PLEASE customize for your own website, but... *I* fixed this by adding this to my httpd.conf (and I got it from this mailing list anyway :-): # P3P Policy (required for IE6 to accept our cookies) Header add P3P CP=\NOI DSP COR CURa PSDa OUR NOR NAV STA\ This requires mod_headers to be loaded or compiled into Apache. Good luck! L8r, Rob #!/usr/bin/perl -w use Disclaimer qw/:standard/;
Re: Cookies and IE in mod_perl
I've determined that it isn't the redirect causing the cookies not to be set. If I take out the redirect, and just try to set a cookie w/o a redirect, it still doesn't set the cookies in IE. Does M$ have any docs on how IE6 handles cookies that I can look this up on? On Saturday 23 March 2002 11:48 pm, Cees Hek wrote: Some browsers don't accept cookies sent allong with a redirect header. A simple workaround is to leave your cookie in the header, but move the redirect to a META HTTP-EQUIV tag in a blank HTML document. I'm not sure if IE 6.0 suffers from this but I suspect that this is your problem. So this isn't really a mod_perl problem, but likely a browser problem. Also, if you want to see exactly what headers your apache server is sending out, or headers your client is sending in, have a look at Apache::DumpHeaders. It saves putting those warn statements in your code. Cees On Sun, 2002-03-24 at 14:44, Jesse and Rebecca Stay wrote: Ok - I got rid of the Apache::Cookie stuff, and am now doing things manually, but it still doesn't generate a cookie in IE. It still works in Netscape. I get a redirect, but no cookie. Here is my code: my $r = Apache-request; $r-content_type('text/html'); $r-err_headers_out-add('Set-Cookie' = 'userSession=test; domain=.hainesfamily.org; path=/; expires=Mon, 25-Mar-2002 03:30:43 GMT'); $r-headers_out-add(Location = $redir); $r-status(REDIRECT); $r-send_http_header; my $headers_out = $r-headers_out; foreach (keys %$headers_out) { warn $_=$headers_out-{$_}; } return OK; The warn produces the following: Set-Cookie=userSession=test; domain=.domain.org; path=/; expires=Mon, 25-Mar-2002 03:30:43 GMT at /path/to/script.pm line 326. Location=/r/common/loginWelcome at /path/to/script.pm line 326. Connection=close at /path/to/script.pm line 326. Transfer-Encoding=chunked at /path/to/script.pm line 326. Content-Type=text/html at /path/to/script.pm line 326. Am I doing something wrong??? -Jesse Stay On Saturday 23 March 2002 06:43 pm, Eric Frazier wrote: Strong suggestion. Look at an existing cookie that works in IE whatever, copy it, then look at the header that Apache::Cookie is making. This oop cookie crap really bugs me since a cookie is just a stupid header line, not that big of a deal to parse, or write by hand. Abscraction is for things that make good objects and that are HARD, cookies in my opinon don't fit into that category. I strongly bet it has to do with the expire date, also look at the docs, and the code itself under the expires sub. I haven't done e com crap for a while now, but I had lots of trouble getting IE to get it right. Remember Netscape invented the cookie, then IE had to go and tweak with it. Eric At 09:21 PM 3/23/02 -0500, Jesse and Rebecca Stay wrote: I guess in particular, does anyone know of any known issues with Apache::Cookie and IE6.0 (or any other versions)? On Saturday 23 March 2002 07:09 pm, Jesse and Rebecca Stay wrote: Here is the code I use (in this particular case it is being used with a redirect, but it doesn't work in any case.): my $cookieContent = Apache::Cookie-new( $r, -name= 'userSession', -value = $cookieValue, -expires = '+365d'); $cookieContent-bake(); $r-headers_out-set(Location = $redir); $r-status(REDIRECT); $r-send_http_header; return OK; I tried expires = '+1Y', but that didn't work either. Adding the domain doesn't do anything either. On Saturday 23 March 2002 06:44 pm, Frank Wiles wrote: On Sat, 23 Mar 2002 18:52:14 -0500 Jesse and Rebecca Stay [EMAIL PROTECTED] wrote: Has anyone had any issues in getting cookies to work with IE using mod_perl? I have tried using both CGI::Cookie and Apache::Cookie, and in both instances it works just fine under Netscape, but on IE it doesn't even try to set the cookie. Any ideas? What are you expire times on your cookies? We ran into a situation where I work that all of the Windows machines were in the wrong time zone and with a 2 hour expire, IE would not set the cookie because it thought it was already expired. Netscape would however set the cookie anyway. This may not be your problem, but it may be something to think about. - Frank Wiles [EMAIL PROTECTED] http://frank.wiles.org - http://www.kwinternet.com/eric (250) 655 - 9513 (PST Time Zone)
Re: Cookies and IE in mod_perl
On Sat, 23 Mar 2002, Jesse and Rebecca Stay wrote: Ok - I got rid of the Apache::Cookie stuff, and am now doing things manually, but it still doesn't generate a cookie in IE. It still works in Netscape. I get a redirect, but no cookie. Here is my code: my $r = Apache-request; $r-content_type('text/html'); $r-err_headers_out-add('Set-Cookie' = 'userSession=test; domain=.hainesfamily.org; path=/; expires=Mon, 25-Mar-2002 03:30:43 GMT'); $r-headers_out-add(Location = $redir); $r-status(REDIRECT); $r-send_http_header; my $headers_out = $r-headers_out; foreach (keys %$headers_out) { warn $_=$headers_out-{$_}; } return OK; I think this should be return 302;
Re: Cookies and IE in mod_perl
On Sun, Mar 24, 2002 at 01:44:51PM -0500, Jesse and Rebecca Stay wrote: I've determined that it isn't the redirect causing the cookies not to be set. If I take out the redirect, and just try to set a cookie w/o a redirect, it still doesn't set the cookies in IE. Does M$ have any docs on how IE6 handles cookies that I can look this up on? http://www.microsoft.com/presspass/press/2001/mar01/PrivacyToolsIEfs.asp Balazs
Cookies and IE in mod_perl
Has anyone had any issues in getting cookies to work with IE using mod_perl? I have tried using both CGI::Cookie and Apache::Cookie, and in both instances it works just fine under Netscape, but on IE it doesn't even try to set the cookie. Any ideas? -Jesse Stay
Fw: Re: Cookies and IE in mod_perl
On Sat, 23 Mar 2002 18:52:14 -0500 Jesse and Rebecca Stay [EMAIL PROTECTED] wrote: Has anyone had any issues in getting cookies to work with IE using mod_perl? I have tried using both CGI::Cookie and Apache::Cookie, and in both instances it works just fine under Netscape, but on IE it doesn't even try to set the cookie. Any ideas? What are you expire times on your cookies? We ran into a situation where I work that all of the Windows machines were in the wrong time zone and with a 2 hour expire, IE would not set the cookie because it thought it was already expired. Netscape would however set the cookie anyway. This may not be your problem, but it may be something to think about. - Frank Wiles [EMAIL PROTECTED] http://frank.wiles.org -
Re: Cookies and IE in mod_perl
Here is the code I use (in this particular case it is being used with a redirect, but it doesn't work in any case.): my $cookieContent = Apache::Cookie-new( $r, -name= 'userSession', -value = $cookieValue, -expires = '+365d'); $cookieContent-bake(); $r-headers_out-set(Location = $redir); $r-status(REDIRECT); $r-send_http_header; return OK; I tried expires = '+1Y', but that didn't work either. Adding the domain doesn't do anything either. On Saturday 23 March 2002 06:44 pm, Frank Wiles wrote: On Sat, 23 Mar 2002 18:52:14 -0500 Jesse and Rebecca Stay [EMAIL PROTECTED] wrote: Has anyone had any issues in getting cookies to work with IE using mod_perl? I have tried using both CGI::Cookie and Apache::Cookie, and in both instances it works just fine under Netscape, but on IE it doesn't even try to set the cookie. Any ideas? What are you expire times on your cookies? We ran into a situation where I work that all of the Windows machines were in the wrong time zone and with a 2 hour expire, IE would not set the cookie because it thought it was already expired. Netscape would however set the cookie anyway. This may not be your problem, but it may be something to think about. - Frank Wiles [EMAIL PROTECTED] http://frank.wiles.org -
Re: Cookies and IE in mod_perl
I guess in particular, does anyone know of any known issues with Apache::Cookie and IE6.0 (or any other versions)? On Saturday 23 March 2002 07:09 pm, Jesse and Rebecca Stay wrote: Here is the code I use (in this particular case it is being used with a redirect, but it doesn't work in any case.): my $cookieContent = Apache::Cookie-new( $r, -name= 'userSession', -value = $cookieValue, -expires = '+365d'); $cookieContent-bake(); $r-headers_out-set(Location = $redir); $r-status(REDIRECT); $r-send_http_header; return OK; I tried expires = '+1Y', but that didn't work either. Adding the domain doesn't do anything either. On Saturday 23 March 2002 06:44 pm, Frank Wiles wrote: On Sat, 23 Mar 2002 18:52:14 -0500 Jesse and Rebecca Stay [EMAIL PROTECTED] wrote: Has anyone had any issues in getting cookies to work with IE using mod_perl? I have tried using both CGI::Cookie and Apache::Cookie, and in both instances it works just fine under Netscape, but on IE it doesn't even try to set the cookie. Any ideas? What are you expire times on your cookies? We ran into a situation where I work that all of the Windows machines were in the wrong time zone and with a 2 hour expire, IE would not set the cookie because it thought it was already expired. Netscape would however set the cookie anyway. This may not be your problem, but it may be something to think about. - Frank Wiles [EMAIL PROTECTED] http://frank.wiles.org -
Re: Cookies and IE in mod_perl
Ok - I got rid of the Apache::Cookie stuff, and am now doing things manually, but it still doesn't generate a cookie in IE. It still works in Netscape. I get a redirect, but no cookie. Here is my code: my $r = Apache-request; $r-content_type('text/html'); $r-err_headers_out-add('Set-Cookie' = 'userSession=test; domain=.hainesfamily.org; path=/; expires=Mon, 25-Mar-2002 03:30:43 GMT'); $r-headers_out-add(Location = $redir); $r-status(REDIRECT); $r-send_http_header; my $headers_out = $r-headers_out; foreach (keys %$headers_out) { warn $_=$headers_out-{$_}; } return OK; The warn produces the following: Set-Cookie=userSession=test; domain=.domain.org; path=/; expires=Mon, 25-Mar-2002 03:30:43 GMT at /path/to/script.pm line 326. Location=/r/common/loginWelcome at /path/to/script.pm line 326. Connection=close at /path/to/script.pm line 326. Transfer-Encoding=chunked at /path/to/script.pm line 326. Content-Type=text/html at /path/to/script.pm line 326. Am I doing something wrong??? -Jesse Stay On Saturday 23 March 2002 06:43 pm, Eric Frazier wrote: Strong suggestion. Look at an existing cookie that works in IE whatever, copy it, then look at the header that Apache::Cookie is making. This oop cookie crap really bugs me since a cookie is just a stupid header line, not that big of a deal to parse, or write by hand. Abscraction is for things that make good objects and that are HARD, cookies in my opinon don't fit into that category. I strongly bet it has to do with the expire date, also look at the docs, and the code itself under the expires sub. I haven't done e com crap for a while now, but I had lots of trouble getting IE to get it right. Remember Netscape invented the cookie, then IE had to go and tweak with it. Eric At 09:21 PM 3/23/02 -0500, Jesse and Rebecca Stay wrote: I guess in particular, does anyone know of any known issues with Apache::Cookie and IE6.0 (or any other versions)? On Saturday 23 March 2002 07:09 pm, Jesse and Rebecca Stay wrote: Here is the code I use (in this particular case it is being used with a redirect, but it doesn't work in any case.): my $cookieContent = Apache::Cookie-new( $r, -name= 'userSession', -value = $cookieValue, -expires = '+365d'); $cookieContent-bake(); $r-headers_out-set(Location = $redir); $r-status(REDIRECT); $r-send_http_header; return OK; I tried expires = '+1Y', but that didn't work either. Adding the domain doesn't do anything either. On Saturday 23 March 2002 06:44 pm, Frank Wiles wrote: On Sat, 23 Mar 2002 18:52:14 -0500 Jesse and Rebecca Stay [EMAIL PROTECTED] wrote: Has anyone had any issues in getting cookies to work with IE using mod_perl? I have tried using both CGI::Cookie and Apache::Cookie, and in both instances it works just fine under Netscape, but on IE it doesn't even try to set the cookie. Any ideas? What are you expire times on your cookies? We ran into a situation where I work that all of the Windows machines were in the wrong time zone and with a 2 hour expire, IE would not set the cookie because it thought it was already expired. Netscape would however set the cookie anyway. This may not be your problem, but it may be something to think about. - Frank Wiles [EMAIL PROTECTED] http://frank.wiles.org - http://www.kwinternet.com/eric (250) 655 - 9513 (PST Time Zone)
Re: Fw: Re: Cookies and IE in mod_perl
There are different security levels that must be set. You can also specifically tell the browser to accept all cookies from a particular domain. There is an article on MS site about this. I forgot what it was. You can probably search for it on google. Frank Wiles wrote: [EMAIL PROTECTED]"> On Sat, 23 Mar 2002 18:52:14 -0500 Jesse and Rebecca Stay [EMAIL PROTECTED] wrote: Has anyone had any issues in getting cookies to work with IE using mod_perl? I have tried using both CGI::Cookie and Apache::Cookie, and in both instances it works just fine under Netscape, but on IE it doesn't even try to set the cookie. Any ideas? What are you expire times on your cookies? We ran into a situation where I work that all of the Windows machines were in the wrong time zoneand with a 2 hour expire, IE would not set the cookie because it thought it was already expired. Netscape would however set the cookie anyway.This may not be your problem, but it may be something to think about. - Frank Wiles [EMAIL PROTECTED] http://frank.wiles.org -
Re: Cookies and IE in mod_perl
Some browsers don't accept cookies sent allong with a redirect header. A simple workaround is to leave your cookie in the header, but move the redirect to a META HTTP-EQUIV tag in a blank HTML document. I'm not sure if IE 6.0 suffers from this but I suspect that this is your problem. So this isn't really a mod_perl problem, but likely a browser problem. Also, if you want to see exactly what headers your apache server is sending out, or headers your client is sending in, have a look at Apache::DumpHeaders. It saves putting those warn statements in your code. Cees On Sun, 2002-03-24 at 14:44, Jesse and Rebecca Stay wrote: Ok - I got rid of the Apache::Cookie stuff, and am now doing things manually, but it still doesn't generate a cookie in IE. It still works in Netscape. I get a redirect, but no cookie. Here is my code: my $r = Apache-request; $r-content_type('text/html'); $r-err_headers_out-add('Set-Cookie' = 'userSession=test; domain=.hainesfamily.org; path=/; expires=Mon, 25-Mar-2002 03:30:43 GMT'); $r-headers_out-add(Location = $redir); $r-status(REDIRECT); $r-send_http_header; my $headers_out = $r-headers_out; foreach (keys %$headers_out) { warn $_=$headers_out-{$_}; } return OK; The warn produces the following: Set-Cookie=userSession=test; domain=.domain.org; path=/; expires=Mon, 25-Mar-2002 03:30:43 GMT at /path/to/script.pm line 326. Location=/r/common/loginWelcome at /path/to/script.pm line 326. Connection=close at /path/to/script.pm line 326. Transfer-Encoding=chunked at /path/to/script.pm line 326. Content-Type=text/html at /path/to/script.pm line 326. Am I doing something wrong??? -Jesse Stay On Saturday 23 March 2002 06:43 pm, Eric Frazier wrote: Strong suggestion. Look at an existing cookie that works in IE whatever, copy it, then look at the header that Apache::Cookie is making. This oop cookie crap really bugs me since a cookie is just a stupid header line, not that big of a deal to parse, or write by hand. Abscraction is for things that make good objects and that are HARD, cookies in my opinon don't fit into that category. I strongly bet it has to do with the expire date, also look at the docs, and the code itself under the expires sub. I haven't done e com crap for a while now, but I had lots of trouble getting IE to get it right. Remember Netscape invented the cookie, then IE had to go and tweak with it. Eric At 09:21 PM 3/23/02 -0500, Jesse and Rebecca Stay wrote: I guess in particular, does anyone know of any known issues with Apache::Cookie and IE6.0 (or any other versions)? On Saturday 23 March 2002 07:09 pm, Jesse and Rebecca Stay wrote: Here is the code I use (in this particular case it is being used with a redirect, but it doesn't work in any case.): my $cookieContent = Apache::Cookie-new( $r, -name= 'userSession', -value = $cookieValue, -expires = '+365d'); $cookieContent-bake(); $r-headers_out-set(Location = $redir); $r-status(REDIRECT); $r-send_http_header; return OK; I tried expires = '+1Y', but that didn't work either. Adding the domain doesn't do anything either. On Saturday 23 March 2002 06:44 pm, Frank Wiles wrote: On Sat, 23 Mar 2002 18:52:14 -0500 Jesse and Rebecca Stay [EMAIL PROTECTED] wrote: Has anyone had any issues in getting cookies to work with IE using mod_perl? I have tried using both CGI::Cookie and Apache::Cookie, and in both instances it works just fine under Netscape, but on IE it doesn't even try to set the cookie. Any ideas? What are you expire times on your cookies? We ran into a situation where I work that all of the Windows machines were in the wrong time zone and with a 2 hour expire, IE would not set the cookie because it thought it was already expired. Netscape would however set the cookie anyway. This may not be your problem, but it may be something to think about. - Frank Wiles [EMAIL PROTECTED] http://frank.wiles.org - http://www.kwinternet.com/eric (250) 655 - 9513 (PST Time Zone)