hc-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From HUR...@Nationwide.com
Subject Cookie header requests not being accepted by IIS/ColdFusion 5 server
Date Tue, 21 Dec 2004 17:18:22 GMT
I submitted this to the user mailing list, but then read that I probably 
should have submitted it here instead. Sorry about that...

I have been trying to get my ColdFusion 5/IIS server to work with Canoo 
Webtest (which uses HTTPClient) and everything works except client 
variables. In ColdFusion, client variables depend on being able to set and 
read two cookies (CFID and CFTOKEN) on the client. The pages I am trying 
to get to work with httpclient work flawlessly when I use Internet 
Explorer 6.0 instead.

With HTTPClient and two successive, identical requests, the following 
protocol steps occur (for simplicity, I refer only to CFID):

1) HTTPClient sends the first GET request to the server

2) The server sets a cookie in the browser with a response header:
Set-Cookie: CFID=118341; expires=Sun, 27-Sep-2037 00:00:00 GMT; path=/;

3) Httpclient now tries an identical second GET request and sends a 
request header containing: 
Cookie: CFID=118341

4) The server replies in the next response header with a new value for 
CFID:
Set-Cookie: CFID=118342; expires=Sun, 27-Sep-2037 00:00:00 GMT; path=/;

Step 4 should not occur because step 3 should have signaled the server 
that the client already has a valid CFID and this value should be used to 
access server-stored client variables. So, the server is not 
accepting/recognizing CFID=118341 for some reason and is issuing the next 
increment in CFID to the browser. I can watch all of this happen by 
following the wire debug information output by httpclient.

If I use ColdFusion code, I get interesting disparities. One CF function, 
GetHTTPRequestData, shows the headers have been received by the CF Server 
engine and these values match what httpclient's debug log says. However, 
if I loop through all cookies using CF code on the same page and 
immediately after the GetHTTPRequestData function, the CFID cookie shows a 
newly incremented value!

If I pass CFID and CFTOKEN in the action URL of a form, httpclient can 
submit the form just as well as Internet Explorer. Examination of the 
headers in this URL-passed case shows that the server recognizes the CFID 
and CFTOKEN from the URL and responds with an identical CFID and CFTOKEN 
in the Set-Cookie header of the next response.

I can't figure out why the cookie information in the httpclient-initiated 
request is being ignored by our server. The headers appear to be formatted 
correctly. All cookies seem to have the right values as they are passed 
back and forth.

Below is an example of a trace and you will see where the server accepts 
URL-appended parameters and ignores header-embedded information. In this 
example, I start at working.cfm, which submits to security_router.cfm with 
CFID and CFTOKEN in the action URL. Notice that the browser is also 
responding with the initial header information, but the server only 
recognizes the URL version (a 118315 value previously set on the server 
using Internet Explorer). The browser then dutifully accepts the new CFID 
value which it will use in its next request.

Finally, working.cfm is loaded a second time as a final test and here we 
stop. The browser CFID cookie is ignored on the second working.cfm load, 
but, in this case, there is no URL to save the day and the server 
increments the CFID in its next response.

Again, this all works fine in Internet Explorer. I have used a header 
display utility for Internet Explorer and you can see that once CF Server 
receives a CFID-laden cookie request header, it never issues a Set-Cookie 
header after that (unless a CFID is received in an form's action URL, 
whereupon CF Server WILL ignore the request header and issue a new 
set-cookie command with the value from the action URL.)

Now, there is one other relevant piece of information. HTTPClient allows 
the cookie compatibility mode to be set to one of three values. Webtest's 
code, however, exerts control over this option and CURRENTLY always forces 
the setting to 'compatibility'. This prevents me from trying the other two 
modes by setting a system property.  This has been changed recently, but 
not committed in Webtest, so I am still waiting to try this. I do not know 
what kind of cookie CF Server might prefer and I also don't know whether 
these modes matter much more to the client than the server. HTTPClient 
seems to understand CF Server's Set-Cookie response headers very well; it 
is CF Server that doesn't seem to recognize HTTPClient's Cookie: request 
header.

Sorry to be so long-winded, but there's a lot of information to cover here 
to describe this problem adequately. If I'm lucky, I may even get in below 
this list's maximum message length ;)...

Anyone have any ideas?

Jerry


 [testSpec] DEBUG (httpclient.wire.header) - >> "GET 
/personal/pgh009/_TESTING/center/templates/working.cfm HTTP/1.1[\r][\n]"
 [testSpec] DEBUG (httpclient.wire.header) - >> "User-Agent: Mozilla/4.0 
(compatible; MSIE 6.0b; Windows 98)[\r][\n]"
 [testSpec] DEBUG (httpclient.wire.header) - >> "Host: 
test.allied.nwie.net[\r][\n]"
 [testSpec] DEBUG (httpclient.wire.header) - >> "[\r][\n]"

 [testSpec] DEBUG (httpclient.wire.header) - << "HTTP/1.1 200 OK[\r][\n]"
 [testSpec] DEBUG (httpclient.wire.header) - << "Server: 
Microsoft-IIS/5.0[\r][\n]"
 [testSpec] DEBUG (httpclient.wire.header) - << "Date: Wed, 15 Dec 2004 
20:16:16 GMT[\r][\n]"
 [testSpec] DEBUG (httpclient.wire.header) - << "Pragma: no-cache[\r][\n]"
 [testSpec] DEBUG (httpclient.wire.header) - << "Cache-Control: 
no-cache[\r][\n]"
 [testSpec] DEBUG (httpclient.wire.header) - << "Expires: Monday, 01 Jan 
1980 15:20 GMT[\r][\n]"
 [testSpec] DEBUG (httpclient.wire.header) - << "Connection: 
close[\r][\n]"
 [testSpec] DEBUG (httpclient.wire.header) - << "Content-type: 
text/html[\r][\n]"
 [testSpec] DEBUG (httpclient.wire.header) - << "Page-Completion-Status: 
Normal[\r][\n]"
 [testSpec] DEBUG (httpclient.wire.header) - << "Page-Completion-Status: 
Normal[\r][\n]"
 [testSpec] DEBUG (httpclient.wire.header) - << "Set-Cookie: CFID=118341; 
expires=Sun, 27-Sep-2037 00:00:00 GMT; path=/;[\r][\n]"
 [testSpec] DEBUG (httpclient.wire.header) - << "Set-Cookie: 
CFTOKEN=4d7a427%2D31a7af1b%2D5d61%2D415a%2D9bcc%2D75a5aa5aee29; 
expires=Sun, 27-Sep-2037 00:00:00 GMT; path=/;[\r][\n]"

 [testSpec] DEBUG (httpclient.wire.header) - >> "POST 
/personal/pgh009/_TESTING/center/templates/security_router.cfm?CFID=118315&CFTOKEN=5183111-9%20fcc7411-1b5e-40b9-a49a-10fb201ee036

HTTP/1.1[\r][\n]"
 [testSpec] DEBUG (httpclient.wire.header) - >> "User-Agent: Mozilla/4.0 
(compatible; MSIE 6.0b; Windows 98)[\r][\n]"
 [testSpec] DEBUG (httpclient.wire.header) - >> "Host: 
test.allied.nwie.net[\r][\n]"
 [testSpec] DEBUG (httpclient.wire.header) - >> "Cookie: 
CFID=118341[\r][\n]"
 [testSpec] DEBUG (httpclient.wire.header) - >> "Cookie: 
CFTOKEN=4d7a427%2D31a7af1b%2D5d61%2D415a%2D9bcc%2D75a5aa5aee29[\r][\n]"
 [testSpec] DEBUG (httpclient.wire.header) - >> "Content-Length: 
41[\r][\n]"
 [testSpec] DEBUG (httpclient.wire.header) - >> "Content-Type: 
application/x-www-form-urlencoded[\r][\n]"
 [testSpec] DEBUG (httpclient.wire.header) - >> "[\r][\n]"

 [testSpec] DEBUG (httpclient.wire.header) - << "HTTP/1.1 100 
Continue[\r][\n]"
 [testSpec] DEBUG (httpclient.wire.header) - << "Server: 
Microsoft-IIS/5.0[\r][\n]"
 [testSpec] DEBUG (httpclient.wire.header) - << "Date: Wed, 15 Dec 2004 
20:16:17 GMT[\r][\n]"
 [testSpec] DEBUG (httpclient.wire.header) - << "Pragma: no-cache[\r][\n]"
 [testSpec] DEBUG (httpclient.wire.header) - << "Cache-Control: 
no-cache[\r][\n]"
 [testSpec] DEBUG (httpclient.wire.header) - << "Expires: Monday, 01 Jan 
1980 15:20 GMT[\r][\n]"
 [testSpec]  INFO (org.apache.commons.httpclient.HttpMethodBase) - 
Discarding unexpected response: HTTP/1.1 100 Continue
 [testSpec] DEBUG (httpclient.wire.header) - << "HTTP/1.1 200 OK[\r][\n]"
 [testSpec] DEBUG (httpclient.wire.header) - << "Server: 
Microsoft-IIS/5.0[\r][\n]"
 [testSpec] DEBUG (httpclient.wire.header) - << "Date: Wed, 15 Dec 2004 
20:16:17 GMT[\r][\n]"
 [testSpec] DEBUG (httpclient.wire.header) - << "Pragma: no-cache[\r][\n]"
 [testSpec] DEBUG (httpclient.wire.header) - << "Cache-Control: 
no-cache[\r][\n]"
 [testSpec] DEBUG (httpclient.wire.header) - << "Expires: Monday, 01 Jan 
1980 15:20 GMT[\r][\n]"
 [testSpec] DEBUG (httpclient.wire.header) - << "Connection: 
close[\r][\n]"
 [testSpec] DEBUG (httpclient.wire.header) - << "Content-type: 
text/html[\r][\n]"
 [testSpec] DEBUG (httpclient.wire.header) - << "Page-Completion-Status: 
Normal[\r][\n]"
 [testSpec] DEBUG (httpclient.wire.header) - << "Page-Completion-Status: 
Normal[\r][\n]"
 [testSpec] DEBUG (httpclient.wire.header) - << "Set-Cookie: CFID=118315; 
expires=Sun, 27-Sep-2037 00:00:00 GMT; path=/;[\r][\n]"
 [testSpec] DEBUG (httpclient.wire.header) - << "Set-Cookie: 
CFTOKEN=5183111%2D9+fcc7411%2D1b5e%2D40b9%2Da49a%2D10fb201ee036; 
expires=Sun, 27-Sep-2037 00:00:00 GMT; path=/;[\r][\n]"

 [testSpec] DEBUG (httpclient.wire.header) - >> "GET 
/personal/pgh009/_TESTING/center/templates/working.cfm HTTP/1.1[\r][\n]"
 [testSpec] DEBUG (httpclient.wire.header) - >> "User-Agent: Mozilla/4.0 
(compatible; MSIE 6.0b; Windows 98)[\r][\n]"
 [testSpec] DEBUG (httpclient.wire.header) - >> "Host: 
test.allied.nwie.net[\r][\n]"
 [testSpec] DEBUG (httpclient.wire.header) - >> "Cookie: 
CFID=118315[\r][\n]"
 [testSpec] DEBUG (httpclient.wire.header) - >> "Cookie: 
CFTOKEN=5183111%2D9+fcc7411%2D1b5e%2D40b9%2Da49a%2D10fb201ee036[\r][\n]"
 [testSpec] DEBUG (httpclient.wire.header) - >> "[\r][\n]"

 [testSpec] DEBUG (httpclient.wire.header) - << "HTTP/1.1 200 OK[\r][\n]"
 [testSpec] DEBUG (httpclient.wire.header) - << "Server: 
Microsoft-IIS/5.0[\r][\n]"
 [testSpec] DEBUG (httpclient.wire.header) - << "Date: Wed, 15 Dec 2004 
20:16:17 GMT[\r][\n]"
 [testSpec] DEBUG (httpclient.wire.header) - << "Pragma: no-cache[\r][\n]"
 [testSpec] DEBUG (httpclient.wire.header) - << "Cache-Control: 
no-cache[\r][\n]"
 [testSpec] DEBUG (httpclient.wire.header) - << "Expires: Monday, 01 Jan 
1980 15:20 GMT[\r][\n]"
 [testSpec] DEBUG (httpclient.wire.header) - << "Connection: 
close[\r][\n]"
 [testSpec] DEBUG (httpclient.wire.header) - << "Content-type: 
text/html[\r][\n]"
 [testSpec] DEBUG (httpclient.wire.header) - << "Page-Completion-Status: 
Normal[\r][\n]"
 [testSpec] DEBUG (httpclient.wire.header) - << "Page-Completion-Status: 
Normal[\r][\n]"
 [testSpec] DEBUG (httpclient.wire.header) - << "Set-Cookie: CFID=118342; 
expires=Sun, 27-Sep-2037 00:00:00 GMT; path=/;[\r][\n]"
 [testSpec] DEBUG (httpclient.wire.header) - << "Set-Cookie: 
CFTOKEN=412e9be%2Dc509b492%2D7529%2D4db7%2Dbd83%2Dae2255f976ee; 
expires=Sun, 27-Sep-2037 00:00:00 GMT; path=/;[\r][\n]"

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message