Re: Apache::Cooke reserved chars

2001-12-18 Thread darren chamberlain 

[EMAIL PROTECTED] [EMAIL PROTECTED] said something to this effect on 
12/17/2001:
 I'm recording a url at the beginning of an app to restore the
 entrance url:
 
 sub set_referer {
   my $self = shift;
   if ($self-{R}) {
   require Apache::Cookie;
   
   my $cookie = Apache::Cookie-new($self-{R},
   -name=  REFERER,
   -value   =  $self-{R}-header_in('Referer'),
   -expires =  '2d',
   -domain  =  .$NFN::sites{$ENV{SITE}}{domain},
   -path=  '/'
   );
   $cookie-bake;
   }
   
 }
 
 
 Which stores the cookie portion like so:
 
 
REFERER=http://www.newsfactor.com/x.pl%3faction=reply_form_htmlboard=nfntalkbackid=3288
 
 However when I pull this back in with Apache::Cookie-fetch,
 the data then reads:
 
 http://www.newsfactor.com/x.pl?action=reply_form_html
 
 Apache::Cookie seems to be stripping out the portion after the first 
 ampersand.
 
 Anybody know what do do here?

Use escape_uri and unescape_uri, or some other pair of reversable
functions.  For example, store it as:

use Apache::Util qw(escape_uri unescape_uri);
sub set_referer {
my $self = shift;
if ($self-{R}) {
require Apache::Cookie;

my $cookie = Apache::Cookie-new($self-{R},
-name=  REFERER,
-value   =  escape_uri($self-{R}-header_in('Referer')),
-expires =  '2d',
-domain  =  .$NFN::sites{$ENV{SITE}}{domain},
-path=  '/'
);
$cookie-bake;
}

}

And then fetch it as:

  my $value = unescape_uri($cookies{'REFERER'});

(darren)

-- 
Men are from earth. Women are from earth. Deal with it.

Re: Apache::Cooke reserved chars

2001-12-18 Thread dbohling 


darren chamberlain wrote:

 [EMAIL PROTECTED] [EMAIL PROTECTED] said something to this effect on 
12/17/2001:
 
I'm recording a url at the beginning of an app to restore the
entrance url:

sub set_referer {
  my $self = shift;
  if ($self-{R}) {
  require Apache::Cookie;
  
  my $cookie = Apache::Cookie-new($self-{R},
  -name=  REFERER,
  -value   =  $self-{R}-header_in('Referer'),
  -expires =  '2d',
  -domain  =  .$NFN::sites{$ENV{SITE}}{domain},
  -path=  '/'
  );
  $cookie-bake;
  }
  
}


Which stores the cookie portion like so:

REFERER=http://www.newsfactor.com/x.pl%3faction=reply_form_htmlboard=nfntalkbackid=3288

However when I pull this back in with Apache::Cookie-fetch,
the data then reads:

http://www.newsfactor.com/x.pl?action=reply_form_html

Apache::Cookie seems to be stripping out the portion after the first 
ampersand.

Anybody know what do do here?

 
 Use escape_uri and unescape_uri, or some other pair of reversable
 functions.  For example, store it as:
 
 use Apache::Util qw(escape_uri unescape_uri);
 sub set_referer {
   my $self = shift;
   if ($self-{R}) {
   require Apache::Cookie;
   
   my $cookie = Apache::Cookie-new($self-{R},
   -name=  REFERER,
   -value   =  escape_uri($self-{R}-header_in('Referer')),
   -expires =  '2d',
   -domain  =  .$NFN::sites{$ENV{SITE}}{domain},
   -path=  '/'
   );
   $cookie-bake;
   }
   
 }
 
 And then fetch it as:
 
   my $value = unescape_uri($cookies{'REFERER'});
 
 (darren)
 


Thanks darren,

Tried this and it appears that Apache::Util escapes the same characters 
that Apache::Cookie does when it prepares this cookie. Problem is that 
it wont pull the ampersands back in. I'm assuming the thinking is that 
Apache::Cookie shoud be able to decode a string it encodes. I'm running 
an older version of mod_perl (1.24_01), wondering if anybody knows if 
this issue has been seen before, and if it's been fixed in more recent 
versions.




-- 
--
Daniel Bohling
NewsFactor Network

Re: Apache::Cooke reserved chars

2001-12-18 Thread darren chamberlain 

[EMAIL PROTECTED] [EMAIL PROTECTED] said something to this effect on 
12/18/2001:
  Use escape_uri and unescape_uri, or some other pair of reversable
  functions.  For example, store it as:

 Tried this and it appears that Apache::Util escapes the same
 characters that Apache::Cookie does when it prepares this
 cookie. Problem is that it wont pull the ampersands back in.
 I'm assuming the thinking is that Apache::Cookie shoud be able
 to decode a string it encodes. I'm running an older version of
 mod_perl (1.24_01), wondering if anybody knows if this issue
 has been seen before, and if it's been fixed in more recent
 versions.

URI::Escape::uri_escape allows you to pass a list of unsafe
characters as the optional second argument (although
Apache::Util::unescape_uri does not; see src/main/util.c in the
apache source for why).  Here is an updated version of my
previous example (trimmed; the value for $url is the one you gave
in the original message):

  use URI::Escape;
  my $url = 
q|http://www.newsfactor.com/x.pl?action=reply_form_htmlboard=nfntalkbackid=3288|;
  my $escaped = uri_escape($url, '\x00-\xff');

Now, $escaped looks like:

  
%68%74%74%70%3A%2F%2F%77%77%77%2E%6E%65%77%73%66%61%63%74%6F%72%2E%63%6F%6D%2F%78%78%78%78%78%2E%70%6C%3F%61%63%74%69%6F%6E%3D%72%65%70%6C%79%5F%66%6F%72%6D%5F%68%74%6D%6C%26%62%6F%61%72%64%3D%6E%66%6E%74%61%6C%6B%62%61%63%6B%26%69%64%3D%33%32%38%38

This should be OK as a cookie value.  The value of $escaped is
easily retrievable with:

  my $unescaped = uri_unescape($escaped);

The only problem, such as it may be, is that the version in
URI::Escape pure perl, and therefore slower than the version in
Apache::Util.

(darren)

-- 
I invented the term Object-Oriented, and I can tell you,
I didn't have C++ in mind.
-- Alan Kay

Re: Apache::Cooke reserved chars

2001-12-18 Thread dbohling 



darren chamberlain wrote:

 [EMAIL PROTECTED] [EMAIL PROTECTED] said something to this effect on 
12/18/2001:
 
Use escape_uri and unescape_uri, or some other pair of reversable
functions.  For example, store it as:

Tried this and it appears that Apache::Util escapes the same
characters that Apache::Cookie does when it prepares this
cookie. Problem is that it wont pull the ampersands back in.
I'm assuming the thinking is that Apache::Cookie shoud be able
to decode a string it encodes. I'm running an older version of
mod_perl (1.24_01), wondering if anybody knows if this issue
has been seen before, and if it's been fixed in more recent
versions.

 
 URI::Escape::uri_escape allows you to pass a list of unsafe
 characters as the optional second argument (although
 Apache::Util::unescape_uri does not; see src/main/util.c in the
 apache source for why).  Here is an updated version of my
 previous example (trimmed; the value for $url is the one you gave
 in the original message):
 
   use URI::Escape;
   my $url = 
q|http://www.newsfactor.com/x.pl?action=reply_form_htmlboard=nfntalkbackid=3288|;
   my $escaped = uri_escape($url, '\x00-\xff');
 
 Now, $escaped looks like:
 
   
%68%74%74%70%3A%2F%2F%77%77%77%2E%6E%65%77%73%66%61%63%74%6F%72%2E%63%6F%6D%2F%78%78%78%78%78%2E%70%6C%3F%61%63%74%69%6F%6E%3D%72%65%70%6C%79%5F%66%6F%72%6D%5F%68%74%6D%6C%26%62%6F%61%72%64%3D%6E%66%6E%74%61%6C%6B%62%61%63%6B%26%69%64%3D%33%32%38%38
 
 This should be OK as a cookie value.  The value of $escaped is
 easily retrievable with:
 
   my $unescaped = uri_unescape($escaped);
 
 The only problem, such as it may be, is that the version in
 URI::Escape pure perl, and therefore slower than the version in
 Apache::Util.
 
 (darren)
 
 
Yeah I don't wanna have to load up URI::Escape, I'm just doing a s//___/g

and doing the inverse after receiving the URL on the other end.


Does anybody know why Apache::Cookie is barfing on the ampersands? I 
looked at the RFC yesterday and ampersand is not listed as unsafe.

Btw, thanks for your suggestions darren.



-- 
--
Daniel Bohling
NewsFactor Network