perl-modperl mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From yperl <yp...@club-internet.fr>
Subject Re: APR::* + PerlResponseHandler + Reading Cookie
Date Tue, 14 Mar 2006 21:00:44 GMT
Reinveting the wheel its in my nature to understand things  :-)

Hope that all anwsers are in chapter 13 (good number).

Thanks Geoffrey for all this explanations.

cheers
Younes


Geoffrey Young a écrit :
> in the future please keep responses on list :)
>
> yperl wrote:
>   
>> Geoffrey Young a écrit :
>>
>>     
>>> I find myself wondering if you're trying to set the cookie in one
>>> phase and
>>> read it from the PerlResponseHandler _during the same request_?
>>>   
>>>       
>> Yes. Is that usage not recommended?
>> Nothing in the doc is against that.
>>     
>
> it wouldn't be in the docs - it's the nature of the HTTP protocol and how
> cookies interact with it.
>
>   
>> I'm creating the cookie in a PerlAccessHandler and reading it from
>> a PerlResponseHandler, in the same request.
>>     
>
> nope, can't do that :)
>
> it works like this...
>
> your access handler will set the Set-Cookie header, which goes to the
> client.  when you try to read the cookie in from your PerlResponseHandler
> you aren't at the client yet, so there's no cookie to read back in yet - the
> client has yet to receive your cookie :)
>
> on the _next_ request the client will sent the Cookie header with its
> request and then you'll be able to glean it in your application.
>
> [lots of stuff snipped]
>
>   
>> GET http://coro/gdlweb/resolver
>> User-Agent: lwp-request/2.07
>>
>> GET
>> http://coro/gdlweb/resolver?utilisateur=sara&motdepasse=sara&target=accueil
>> --> 200 OK
>> Connection: close
>> Date: Tue, 14 Mar 2006 20:15:47 GMT
>> Server: Apache/2.2.0 (Unix) GDLWeb-BnF/0.3 mod_ssl/2.2.0 OpenSSL/0.9.7i
>> DAV/2 mod_apreq2-20051231/2.5.7 mod_perl/2.0.3-dev Perl/v5.8.8
>> Content-Length: 0
>> Content-Type: text/plain
>> Client-Date: Tue, 14 Mar 2006 20:15:47 GMT
>> Client-Peer: 192.168.1.3:80
>> Client-Response-Num: 1
>> Set-Cookie: foo=1142367347; path=/
>>     
>
> yup, there  it is.
>
>   
>> * Apache output:
>>
>> [Tue Mar 14 21:10:33 2006] [error] access to /gdlweb/resolver failed for
>> 192.168.1.3, reason: >>> cookie: none
>>
>> [Tue Mar 14 21:10:33 2006] [error] access to /gdlweb/resolver failed for
>> 192.168.1.3, reason: >>> JAR: $VAR1 = 'GET /gdlweb/resolver
>> HTTP/1.1\nTE: deflate,gzip;q=0.3\nConnection: TE, close\nHost:
>> coro\nUser-Agent: lwp-request/2.07\n\nHTTP/1.1 (null)\nSet-Cookie:
>> foo=1142367347; path=/\n\n';\n
>>
>>
>>
>> We can easily see that the dumped object $r contains the cookie named
>> "foo".
>>     
>
> no it doesn't.  it has the Set-Cookie header it it, which is different from
> the Cookie header the client will send you it has successfully registered a
> cookie for your domain.
>
> but really, it sounds like you're trying to reinvent the wheel a bit - take
> a look at Apache::AuthCookie on CPAN for cookie-based authentication.  and
> while you can find the nuances of cookies lots of places on the web, you
> might find this a useful read as well, as there are lots of interesting
> things you can do with cookies and authentication in general with mod_perl.
>
>   http://www.modperlcookbook.org/chapters/ch13.pdf
>
> HTH
>
> --Geoff
>
>   


Mime
View raw message