multiple cookies in a single response
Locked
multiple cookies in a single response
 
|
Hello list,
I am new to this list, so please excuse me if this is not the appropriate place for my question. We're developing a web application using the Hyper Server. We ran into some problems when we tried to set multiple cookies in a single response. Although Hyper 'correctly' implements the RFC that states that multiple cookies should be comma separated into a single Set-Cookie field, most browsers have different ideas about this. See http://code.google.com/p/browsersec/wiki/Part2#Same-origin_policy_for_cookies for more information on browsers and their cookie behavior. Contrary to what the RFC states, all browsers accept multiple Set-Cookie headers in a response. I've implemented this behavior in Hyper by changing the valueAsStringOn instance method in the HyHTTPSetCookie class. valuesAsStringOn: aStream aStream nextPutAll: (self cookies at: 1). 2 to: self cookies size do: [:cookieIndex | aStream crlf; nextPutAll: self name; nextPutAll: ': '; nextPutAll: (self cookies at: cookieIndex)]. ^self Has anybody else experienced problems using multiple cookies in a single response? Dick Heijink ------------------------------------------------------------------------------ Download Intel® Parallel Studio Eval Try the new software tools for yourself. Speed compiling, find bugs proactively, and fine-tune applications for parallel performance. See why Intel Parallel Studio got high marks during beta. http://p.sf.net/sfu/intel-sw-dev _______________________________________________ Swazoo-devel mailing list [hidden email] https://lists.sourceforge.net/lists/listinfo/swazoo-devel |
Re: multiple cookies in a single response
|
|
Dick,
Firstly, this list is absolutely the right place for such questions. I confess that I don't use cookies at all, so I can't say that I have run into the problem you see. Thank you very much for bringing this up. May I include you code in future versions of Hyper under the LGPL? I will credit you, of course. I'll have a look at the link you gave and run some tests. Many thanks, Bruce On 18 March 2010 10:09, Dick Heijink <[hidden email]> wrote: > Hello list, > > I am new to this list, so please excuse me if this is not the appropriate > place for my question. > We're developing a web application using the Hyper Server. We ran into some > problems when we tried to set multiple cookies in a single response. > Although Hyper 'correctly' implements the RFC that states that multiple > cookies should be comma separated into a single Set-Cookie field, most > browsers have different ideas about this. > See > http://code.google.com/p/browsersec/wiki/Part2#Same-origin_policy_for_cookies > for more information on browsers and their cookie behavior. > Contrary to what the RFC states, all browsers accept multiple Set-Cookie > headers in a response. I've implemented this behavior in Hyper by changing > the valueAsStringOn instance method in the HyHTTPSetCookie class. > > valuesAsStringOn: aStream > aStream nextPutAll: (self cookies at: 1). > 2 > to: self cookies size > do: > [:cookieIndex | > aStream > crlf; > nextPutAll: self name; > nextPutAll: ': '; > nextPutAll: (self cookies at: cookieIndex)]. > ^self > > Has anybody else experienced problems using multiple cookies in a single > response? > > Dick Heijink > > ------------------------------------------------------------------------------ > Download Intel® Parallel Studio Eval > Try the new software tools for yourself. Speed compiling, find bugs > proactively, and fine-tune applications for parallel performance. > See why Intel Parallel Studio got high marks during beta. > http://p.sf.net/sfu/intel-sw-dev > _______________________________________________ > Swazoo-devel mailing list > [hidden email] > https://lists.sourceforge.net/lists/listinfo/swazoo-devel > > -- Make the most of your skills - with OpenSkills http://www.openskills.org/ ------------------------------------------------------------------------------ Download Intel® Parallel Studio Eval Try the new software tools for yourself. Speed compiling, find bugs proactively, and fine-tune applications for parallel performance. See why Intel Parallel Studio got high marks during beta. http://p.sf.net/sfu/intel-sw-dev _______________________________________________ Swazoo-devel mailing list [hidden email] https://lists.sourceforge.net/lists/listinfo/swazoo-devel |
Re: multiple cookies in a single response
|
|
Thank you for quick response, Bruce.
Please feel free to adapt the code to suit your needs/coding practices. Dick Heijink 2010/3/18 Bruce Badger <[hidden email]> Dick, ------------------------------------------------------------------------------ Download Intel® Parallel Studio Eval Try the new software tools for yourself. Speed compiling, find bugs proactively, and fine-tune applications for parallel performance. See why Intel Parallel Studio got high marks during beta. http://p.sf.net/sfu/intel-sw-dev _______________________________________________ Swazoo-devel mailing list [hidden email] https://lists.sourceforge.net/lists/listinfo/swazoo-devel |
Re: multiple cookies in a single response
|
|
In reply to this post by Dick Heijink
2010/3/18 Dick Heijink <[hidden email]>:
> Hello list, > > I am new to this list, so please excuse me if this is not the appropriate > place for my question. > We're developing a web application using the Hyper Server. We ran into some > problems when we tried to set multiple cookies in a single response. > Although Hyper 'correctly' implements the RFC that states that multiple > cookies should be comma separated into a single Set-Cookie field, most > browsers have different ideas about this. > See > http://code.google.com/p/browsersec/wiki/Part2#Same-origin_policy_for_cookies > for more information on browsers and their cookie behavior. > Contrary to what the RFC states, all browsers accept multiple Set-Cookie > headers in a response. I've implemented this behavior in Hyper by changing > the valueAsStringOn instance method in the HyHTTPSetCookie class. > > valuesAsStringOn: aStream > aStream nextPutAll: (self cookies at: 1). > 2 > to: self cookies size > do: > [:cookieIndex | > aStream > crlf; > nextPutAll: self name; > nextPutAll: ': '; > nextPutAll: (self cookies at: cookieIndex)]. > ^self > > Has anybody else experienced problems using multiple cookies in a single > response? Yes we (Seaside) did and reported it here. We were told that this is a bug in browsers (which we agree on) so there's no need to fix it in Swazoo (which we disagree on). Seaside hacks around it with a custom cookie header class. Cheers Philippe ------------------------------------------------------------------------------ Download Intel® Parallel Studio Eval Try the new software tools for yourself. Speed compiling, find bugs proactively, and fine-tune applications for parallel performance. See why Intel Parallel Studio got high marks during beta. http://p.sf.net/sfu/intel-sw-dev _______________________________________________ Swazoo-devel mailing list [hidden email] https://lists.sourceforge.net/lists/listinfo/swazoo-devel |
Re: multiple cookies in a single response
|
|
Phileppe,
On 18 March 2010 11:29, Philippe Marschall <[hidden email]> wrote: > Yes we (Seaside) did and reported it here. We were told that this is a > bug in browsers (which we agree on) so there's no need to fix it in > Swazoo (which we disagree on). Well, I'll be fixing this in Hyper. :-) -- Make the most of your skills - with OpenSkills http://www.openskills.org/ ------------------------------------------------------------------------------ Download Intel® Parallel Studio Eval Try the new software tools for yourself. Speed compiling, find bugs proactively, and fine-tune applications for parallel performance. See why Intel Parallel Studio got high marks during beta. http://p.sf.net/sfu/intel-sw-dev _______________________________________________ Swazoo-devel mailing list [hidden email] https://lists.sourceforge.net/lists/listinfo/swazoo-devel |
«
Return to Swazoo
|
1 view|%1 views
| Free forum by Nabble | Edit this page |