passing cookies to pages from David Byron on 2006-05-05 (www-validator@w3.org from May 2006)

From: David Byron <DByron@telecomsys.com>
Date: Fri, 5 May 2006 13:22:45 -0700
To: <www-validator@w3.org>
Message-ID: <48FF5C0738968842850CB66C644EF57455381A@oak-exc-1.telecomsys.com>

I'd like to validate a page that needs a cookie to work properly.  I saw
this post:

http://www.w3.org/2002/02/mid/20030718235910.B975-100000@fenris.webthing
..com;list=www-validator

that discusses why passing cookies around isn't a good idea.

I'm new to the world of HTML validators so I don't know if the one at
http://valet.webthing.com/page/ is better or worse than the one at
validator.w3.org.  I'd love some background here.

Would you consider modifying the check script to:

- accept another URL parameter named cookiejar whose value is a Netscape
cookie file
- passing that cookie file on to the W3C::Validator::UserAgent

I think that takes care of any security issue.  If the person invoking
the validator service wants to send cookies, s/he can.  If not, no
cookies.

I added the following code to handle_uri that does this:

  my $cookiejar = $q->param('cookiejar');
  if ($cookiejar) {
    require HTTP::Cookies;
    $ua->cookie_jar(HTTP::Cookies::Netscape->new( file => "$cookiejar"
));
  }

Thoughts?

-DB

Received on Sunday, 7 May 2006 13:11:39 UTC