[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: lynx-dev strange cookie behavior
From: |
brian j. pardy |
Subject: |
Re: lynx-dev strange cookie behavior |
Date: |
Sun, 18 Oct 1998 18:25:28 -0700 |
Larry W. Virden wrote:
> I run lynx with persistent cookies and accept all. On
> <URL:http://www.onelist.com/> the cookies are used to keep track of your
> account. One that site I have two accounts, that I switch between.
> I can do this just fine using Netscape, but with lynx I am unable to get
> this to work. I will attempt soon to capture a Lynx.trace of the
> situation - it's just I don't know how best to do this and ensure that
> my passwords are not compromised.
>
> Has anyone else noticed a problem with a site that insists that you 'logout'
> of one account before using another. Surely more than just me has multiple
> family members using a common browser.
It looks to me like the server is asking us to blank out the information
in the cookies that we have.
GET http://www.onelist.com/logout.cgi HTTP/1.0
Host: www.onelist.com
[delete Accept: headers for legibility -bjp]
Negotiate: trans
User-Agent: Lynx/2.8.1pre.11 libwww-FM/2.14
Referer: http://www.onelist.com/
Cookie2: $Version="1"
Cookie: address@hidden; pid=pk.cuB6f964yk
----------------------------------
Sending HTTP request.
HTTP: WRITE delivered OK
HTTP request sent; waiting for response.
HTTP: Trying to read 1023
HTTP: Read 675
Read 675 bytes of data.
HTTP: Rx: HTTP/1.0 200 OK
HTTP: Scanned 2 fields from line_buffer
--- Talking HTTP1.
HTTP/1.0 200 OK
HTFormat: Constructing stream stack for www/mime to www/present
HTFormat: Looking up presentation for www/mime to www/present
HTFormat: comparing image/* and www/mime for half match
HTFormat: comparing audio/* and www/mime for half match
StreamStack: found weak wildcard match: www/present
FindPresentation: found exact match: www/mime
StreamStack: found exact match: www/mime
HTMIME: Date: Mon, 19 Oct 1998 01:02:17 GMT
Server: Apache/1.2.4
Set-Cookie: uid=; path=/
Set-Cookie: pid=; path=/
Content-Type: text/html
Age: 114
X-Cache: MISS from odin
Proxy-Connection: close
[delete html from the page -bjp]
HTMIME: Got 'D' at beginning of line, checking for 'ate:'
HTMIME: PICKED UP Date: 'Mon, 19 Oct 1998 01:02:17 GMT'
HTMIME: Got 'S' at beginning of line, state now S
HTMIME: Was S, found E, state now SE'
HTMIME: Was SE, found R, checking for 'ver'
HTMIME: PICKED UP Server: 'Apache/1.2.4'
HTMIME: Got 'S' at beginning of line, state now S
HTMIME: Was S, found E, state now SE'
HTMIME: Was SE, found T, checking for '-cookie'
HTMIME: Was SET_COOKIE, found :, processing
HTMIME: PICKED UP Set-Cookie: 'uid=; path=/'
HTMIME: Got 'S' at beginning of line, state now S
HTMIME: Was S, found E, state now SE'
HTMIME: Was SE, found T, checking for '-cookie'
HTMIME: Was SET_COOKIE, found :, processing
HTMIME: PICKED UP Set-Cookie: 'pid=; path=/'
HTMIME: Got 'C' at beginning of line, state now C
HTMIME: Was C, found O, state now CO'
HTMIME: Was CO, found N, state now CON
HTMIME: Was CON, found T, checking for 'ent-'
HTMIME: in case CONTENT_
HTMIME: Was CONTENT_, found T, state now CONTENT_T
HTMIME: in case CONTENT_T
HTMIME: Was CONTENT_T, found Y, checking for 'pe:'
HTMIME: PICKED UP Content-Type: 'text/html'
HTMIME: Got 'A' at beginning of line, state now A
HTMIME: Was A, found G, checking for 'e:'
HTMIME: PICKED UP Age: '114'
HTMIME: Got 'P' at beginning of line, state now P
HTMIME: Was P, found R, state now PR'
HTMIME: Was PR, found O, checking for 'xy-authenticate'
HTMIME: Bad character `C' found where `authenticate:' expected
HTMIME: MIME Content-Type is 'text/html', converting to 'www/present'
HTParse: aName:http://www.onelist.com/logout.cgi relatedName:
HTParse: result:www.onelist.com
HTParse: aName:http://www.onelist.com/logout.cgi relatedName:
1
HTParse: result:/logout.cgi
LYSetCookie called with host 'www.onelist.com', path '/',
and Set-Cookie: 'uid=; path=/, pid=; path=/'
[nothing after this except HTML handling]
This comment is in LYCookie.c:
/*
* If we have both Set-Cookie and Set-Cookie2 headers.
* process the Set-Cookie2 header. Otherwise, process
* whichever of the two headers we do have. Note that
* if more than one instance of a valued attribute for
* the same cookie is encountered, the value for the
* first instance is retained. We only accept up to 50
* cookies from the header, and only if a cookie's values
* do not exceed the 4096 byte limit on overall size. - FM
*/
Which *sounds* to me like FM was saying we ignore attempts at updating an
existing cookie. Am I parsing this right?
I haven't looked any further into the code, but will now.
--
Beware of a dark-haired man with a loud tie.
"HELP MY MAN PAGES AARE! DYING WITH THE SIGNALT 11!" -morat