W3C home > Mailing lists > Public > www-jigsaw@w3.org > March to April 2007

Re: Cookie parsing issue...

From: Yves Lafon <ylafon@w3.org>
Date: Fri, 16 Mar 2007 06:59:53 -0400 (EDT)
To: "Laird, Brian" <BLaird@havigs.com>
Cc: www-jigsaw@w3.org
Message-ID: <Pine.LNX.4.64.0703160656220.7054@ubzre.j3.bet>

On Fri, 16 Mar 2007, Laird, Brian wrote:

> I hope things are well; it has been a while since we have talked.  We
> came across a problem I am hoping you (or someone who knows the jigsaw
> code well) can help us with.  In a majority of our processing we are
> using some randomly generated cookie values from a third party as kind
> of a session identifier.  Well a few days ago the value being generated
> started to look like this (without the double quotes):
> "0_0RbEAwflUxOTIxNjgyMDMzMw==".  We also store this value in memory and
> compare it to the cookie when the user comes back to our site.

Hi Brian, good to see you again!
I'll look into that soon, the parsing of Cookies was a bit weird to allow 
Cookies to be sent in multiple headers.
I recently did some modification in Jigsaw for the compilation in jdk1.5 
and 1.6, and there may be a new CVS branch with some jdk1.4+ optimizations 
in it.

> The problem we are seeing is that the browser is sending in the right
> value but jigsaw is dropping the last two equal signs.  One note is that
> the cookie is in the middle of other cookies when you look at the header
> but there is semicolon at end of the value as would be expected.
>
>
>
> A little bit of background on environment:
>
> - We are running 2.2.5a code
>
> - Jigsaw is using JDK 1.5_06
>
> - Solaris 8
>
>
>
> Do you have any thoughts on why this might be happening or at least
> which class the actual parsing of the cookies from the request header is
> happening in?  I am perfectly willing to try to make a fix, but I wasn't
> able to easily find where the low level parsing actually took place.
>
>
>
> Thanks in advance for any help on this one,
>
> Brian
>
> ************************************************************************
> This e-mail and any accompanying documents or files contain information that is the
> property of HAVI Global Solutions, that is intended solely for those to whom this e-mail is addressed
> (i.e., those identified in the "To" and "Cc" boxes), and that is confidential, proprietary,
> and/or privileged.  If you are not an intended recipient of this e-mail, you are hereby
> notified that any viewing, use, disclosure, forwarding, copying, or distribution of any of
> this information is strictly prohibited and may be subject to legal sanctions.  If you have
> received this e-mail in error, please notify the sender immediately of any unintended
> recipients, and delete the e-mail, all attachments, and all copies of both from your system.
>
> While we have taken reasonable precautions to ensure that any attachments to this e-mail
> have been swept for viruses, we cannot accept liability for any damage sustained as a
> result of software viruses.
> ************************************************************************
>

-- 
Baroula que barouleras, au tiéu toujou t'entourneras.

         ~~Yves
Received on Friday, 16 March 2007 11:00:25 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Monday, 9 April 2012 12:13:38 GMT