perl-modperl mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Devin Teske <dte...@vicor.com>
Subject Re: Overwriting a cookie in request header
Date Tue, 17 Nov 2009 15:35:32 GMT
Oops... forgot ending right-paren to add().

Replace (in all examples):

	. "; domain=$domain";

with:
	. "; domain=$domain");

^_^
--
Devin


On Tue, 2009-11-17 at 07:31 -0800, Devin Teske wrote:
> Try this:
> 
> use CGI::Util;
> my $domain = "mydomain.com";
> # Add cookie to HTTP response
> $r->err_headers_out->add("Set-Cookie" =>
> 	"cookie_name=cookie_value"
> 	. "; path=/"
> 	. "; expires="
> 	. &CGI::Util::expires('+60m', 'cookie');
> 	. "; domain=$domain";
> 
> This will create a cookie and add it to the HTTP response header, which
> will then expire in 60 minutes on the client-side by the browser.
> 
> Now let's say that you want to then kill that cookie (or perhaps change
> its value, or perhaps just update it so that it doesn't expire). This is
> done by passing back to the client (in a new HTTP response) a cookie
> with (a) the same name, (b) the same domain, and (c) the same path.
> These three key values (cookie name, path, and domain) are what create a
> unique cookie (and hence why you've ended up with two cookies ... it's
> not enough to simply pass back a name/value pair).
> 
> Here's an example for later deleting that same cookie (going with the
> above example, let's say the cookie's name is "cookie_name").
> 
> use CGI::Util;
> my $domain = "mydomain.com";
> # Tell the browser to delete cookie 'cookie_name' (set previously)
> $r->err_headers_out->add("Set-Cookie" =>
> 	"cookie_name="
> 	. "; path=/"
> 	. "; expires="
> 	. &CGI::Util::expires('now', 'cookie');
> 	. "; domain=$domain";
> 
> The expiration value of 'now' is translated by the expires() sub-routine
> into a valid cookie expiration date/time-string and facilitates the
> expiration of the cookie at the browser-side.
> 
> Again, remember that the cookie_name, path, and domain MUST match that
> of the original cookie, else nothing will happen.
> 
> Modifying the value of an existing cookie is very similar... just pass
> back a cookie with matching name/path/domain with some new value and
> with an expiration sometime in the future... the browser will overwrite
> the old cookie with the new (again, because the name/path/domain match).
> --
> Devin
> 
> 
> 
> 
> 
> On Tue, 2009-11-17 at 10:09 -0500, Sinha, Ritu wrote:
> > I have an Apache module in which I am trying to overwrite the value of
> > a cookie. I have tried different methods of the APR::Table without
> > success.
> > Here are the approaches that I have tried:
> >  
> > [1] $r->headers_out->set("Set-Cookie", $cookie);
> >  
> > Here, $cookie has the name=value pair with the name of the cookie that
> > needs to be overwritten. The outcome is 2 cookies with the same name.
> >  
> > [2] $cookie = $r->headers_in->{Cookie};
> > <search-and-replace the cookie value in $cookie>
> > $r->headers_out->{Cookie}=$cookie;
> >  
> > Does not do anything to the existing cookie … does not even add a new
> > cookie.
> >  
> > [3] $cookie = $r->headers_in->{Cookie};
> > @cookies = split(/;/,$cookie);
> > $r->headers_out->clear();
> > < add cookies one-by-one replacing the value of the cookie in question
> > using  $r->headers_out->set("Set-Cookie", $cookie); >
> >  
> > The web application does not work … seems like clearing the header
> > creates problems.
> >  
> > Any pointers would be really helpful.
> >  
> > Thanks,
> > Ritu
> >  
> >  
> >  
> >  
-- 
Cheers,
Devin Teske

-> CONTACT INFORMATION <-
Field Engineer
FIS - Vicor Business Unit
626-573-6040 Office
510-735-5650 Mobile
devin.teske@metavante.com

-> LEGAL DISCLAIMER <-
This message  contains confidential  and proprietary  information
of the sender,  and is intended only for the person(s) to whom it
is addressed. Any use, distribution, copying or disclosure by any
other person  is strictly prohibited.  If you have  received this
message in error,  please notify  the e-mail sender  immediately,
and delete the original message without making a copy.

-> END TRANSMISSION <-


Mime
View raw message