perl-modperl mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Steve van der Burg" <steve.vanderb...@lhsc.on.ca>
Subject Re: Apache2::AuthCookie - semantics of WhatEverPath parameter?
Date Mon, 27 Jul 2015 17:51:15 GMT
It is the path part of a URL.  The HTML Cookie specification defines it, and this is AuthCookie's
way of letting you set it.

If the request domain + path doesn't match those set in the cookie, then the browser won't
send the cookie to the server.

When using cookies for non-auth purposes, there are lots of cases where you would want something
more specific than / (to set a preference specific to an add at some.web.site/some/app, for
example).  You're right that, for auth, it's hard to imagine when you wouldn't want to just
leave it as /.

...Steve


-- 
Steve van der Burg
Information Technology Services
London Health Sciences Centre
& St. Joseph's Health Care London
(519) 685-8500 ext 35559
steve.vanderburg@lhsc.on.ca

Jim Garrison <jhg@jhmg.net> wrote:
> Every example for Apache2::AuthCookie shows
> 
>     ...
>     WhatEverPath /
>     ...
> 
> but I can find nothing that explains what the value "/" represents.
> Is it a URI?  Later in the sample configs we see URIs to which
> protection applies are defined by <Location> or <Files> tags,
> 
> How does the value of this parameter affect the behavior of AuthCookie,
> and under what circumstances would its value not be "/"?
> 
> Thanks
> 
> -- 
> Jim Garrison (jhg@acm.org)
> PGP Keys at http://www.jhmg.net RSA 0x04B73B7F DH 0x70738D88

 --------------------------------------------------------------------------------
This information is directed in confidence solely to the person named above and may contain
confidential and/or privileged material. This information may not otherwise be distributed,
copied or disclosed. If you have received this e-mail in error, please notify the sender immediately
via a return e-mail and destroy original message. Thank you for your cooperation.

Mime
View raw message