[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: lynx-dev Anyone else seeing a problem in lynx 2.8.3dev.1 and cookies
From: |
Klaus Weide |
Subject: |
Re: lynx-dev Anyone else seeing a problem in lynx 2.8.3dev.1 and cookies? |
Date: |
Thu, 17 Jun 1999 13:18:53 -0500 (CDT) |
On Thu, 17 Jun 1999, Larry W. Virden wrote:
> Once I upgraded to this newest version of lynx, I find I am no longer
> able to log into <URL: http://mail.yahoo.com/>. I have a Lynx trace of what
> happens during this sequence.
> o I fill in my password
> o turn on tracing
> o press submit
> o Lynx displays the login screen again, with no error displayed.
>
> I configure lynx with:
> /home/lwv26/i/src/Unix/lynx/t/lynx2-8-3/configure --prefix=/projects/intranet
> --libdir=/projects/intranet/lib/lynx
> --includedir=/projects/gnu/sparc-sun-solar
> is2.6/include --with-screen=ncurses --with-included-gettext --with-catgets
> --wit
> h-zlib --enable-included-msgs --enable-default-colors --enable-extended-dtd
> --en
> able-externs --enable-forms-options --enable-nls --enable-nsl-fork
> --enable-part
> ial --enable-persistent-cookies --enable-libjs --enable-source-cache
>
> I compile it on SPARC Solaris 2.6 using Sun's C compiler version 4.2.
>
> In my lynx.cfg file I have:
Larry, you could at least have filtered your config files through
grep -v '^[# ]' | grep -v '^$'
(or something like that)!
It seems to me this has nothing whatsoever to do with the lynx version.
They are just sending bogus stuff, that's all. Stuff like this:
LYSetCookie called with host 'login.yahoo.com', path '/config',
and Set-Cookie:
'T=z=hyQa3Ah4la3AkRG8DXT.diVNgY2MTc1NjE0MTY-&a=AAA&sj=CAA.ao/4TdVuvx&d=sl,MQExNjAyMTYzNjE-,a,AAA,zz,hyQa3AgWA;expires=Fri,
31 Dec 1999 23:00:00 GMT; path=/; domain=.yahoo.com'
just can't work with Lynx's parsing, there cannot be commas in the cookie
value, since that is taken as a separator between cookies. I guess they
must have just started this, older versions of lynx would also fail to
parse this as (apparently) wanted.
This may work with other browsers, if they don't try to implement RFC 2109
(and draft-ietf-http-state-man-mec-N) parsing. They don't care. But even
Netscape's so-called Preliminary Specification says:
NAME=VALUE
This string is a sequence of characters excluding semi-colon, comma
and white
space. If there is a need to place such data in the name or value,
some encoding
method such as URL style %XX encoding is recommended, though no
encoding is defined
or required.
Complain to Yahoo.
Klaus