[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: lynx-dev tvgen cookie problem
From: |
brian j. pardy |
Subject: |
Re: lynx-dev tvgen cookie problem |
Date: |
Sun, 11 Oct 1998 12:08:54 -0700 |
David Woolley wrote:
> >
> > The problem of accessing the tvgen website has still not been resolved.
> > Could someone familiar with cookie handling please take a look? -- or direct
> > me to documentation on cookies so I can pursue it myself?
>
> RFC 2109
>
> > Someone (I can't remember who) suggested that the problem might be
> > that lynx is presenting cookies to the server in reverse order.
> > Someone else suggested there might be a spurious newline in the cookie
> > file (buffer overflow). Still others suggested the site is broken.
>
> If presenting them in reverse order, causes a problem, it would imply
> that the site was broken, not Lynx:
>
> If multiple cookies satisfy the criteria above, they are ordered in
> the Cookie header such that those with more specific Path attributes
> precede those with less specific. Ordering with respect to other
> attributes (e.g., Domain) is unspecified.
>
> i.e. order of arrival is not a condition and there are conditions which
> may cause order of arrival to be violated.
That's what I had expected.
The latest patch I made to cookie handling makes sure that Lynx stores
cookies internally in the same order that it reads them from the
COOKIE_FILE. I don't think this would be leading Lynx towards broken
behavior, and if it helps Lynx be compatible with broken sites (while
still following spec) I don't think it's a problem.
> The other thing to consider with so many cookies is that there may be
> some danger of violating the minimum implementation limits, or of
> unecessarily limiting the number of sites for which a minimum implementation
> can track cookies (i.e. at the full 20 cookies, one can only track 15 sites
> for a total of 300):
>
> * at least 300 cookies
>
> * at least 4096 bytes per cookie (as measured by the size of the
> characters that comprise the cookie non-terminal in the syntax
> description of the Set-Cookie header)
>
> * at least 20 cookies per unique host or domain name
>
> User agents created for specific purposes or for limited-capacity
> devices should provide at least 20 cookies of 4096 bytes, to ensure
> that the user can interact with a session-based origin server.
Presently cookies are hardcoded to a maximum of 50 in LYCookie.c. We
should probably change this to a user-settable amount prior to 2.8.1.
--
does your DRESSING ROOM have enough ASPARAGUS?
How can you work when the system's so crowded?