Anyone know where I can find info on the cookie spec? I seem to be having a
problem(after hours of narrowing it down) where I am using some special
characters that are not allowed in a cookie name or data.
What I'm essentially doing is encrypting the name/data then encoding it
using base64 but base64 uses the special characters +, /, and =. They seem
to be causing problems with the cook being written or read. I have mapped
the ='s into _ and can map the + into - because I think those work for
cookies but I am not sure... and then I have the issue with the /. (which
I'm thinking of using _ for it too but have to handle the case where it
occurs at the end of the string to be encoded(Which will cause it to be
confused with the padding).
Any ideas? This is driving me nuts ;/ (thought it was my encryption part and
spent hours on debugging that ;)
Thanks,
Jon
4  2608 
On May 17, 2:19 pm, "Jon Slaughter" <Jon_Slaugh...@ Hotmail.comwrot e:
Anyone know where I can find info on the cookie spec? I seem to be having a
problem(after hours of narrowing it down) where I am using some special
characters that are not allowed in a cookie name or data.
What I'm essentially doing is encrypting the name/data then encoding it
using base64 but base64 uses the special characters +, /, and =. They seem
to be causing problems with the cook being written or read. I have mapped
the ='s into _ and can map the + into - because I think those work for
cookies but I am not sure... and then I have the issue with the /. (which
I'm thinking of using _ for it too but have to handle the case where it
occurs at the end of the string to be encoded(Which will cause it to be
confused with the padding).
Any ideas? This is driving me nuts ;/ (thought it was my encryption part and
spent hours on debugging that ;)
Thanks,
Jon
Interesting problem Jon,
I'm not really sure that the spec will help you, but just in case, you
can read it here: http://tools.ietf.org/html/rfc2965
The cookie is commonly transported simply as a header extension to the
HTTP protocol, so that spec is probably more relevant: http://tools.ietf.org/html/rfc2616
Also make sure you are setting the cookie using the php method
setrawcookie(). If using setcookie(), are you accounting for the
automatic urlencod'ing that php does to your cookie value?
Hope that helps,
Carl.
"Carl" <c.******@gmail .comwrote in message
news:11******** **************@ k79g2000hse.goo glegroups.com.. .
On May 17, 2:19 pm, "Jon Slaughter" <Jon_Slaugh...@ Hotmail.comwrot e:
>Anyone know where I can find info on the cookie spec? I seem to be having
a
problem(afte r hours of narrowing it down) where I am using some special
characters that are not allowed in a cookie name or data.
What I'm essentially doing is encrypting the name/data then encoding it
using base64 but base64 uses the special characters +, /, and =. They
seem
to be causing problems with the cook being written or read. I have
mapped
the ='s into _ and can map the + into - because I think those work for
cookies but I am not sure... and then I have the issue with the /. (which
I'm thinking of using _ for it too but have to handle the case where it
occurs at the end of the string to be encoded(Which will cause it to be
confused with the padding).
Any ideas? This is driving me nuts ;/ (thought it was my encryption part
and
spent hours on debugging that ;)
Thanks,
Jon
Interesting problem Jon,
I'm not really sure that the spec will help you, but just in case, you
can read it here:
http://tools.ietf.org/html/rfc2965
The cookie is commonly transported simply as a header extension to the
HTTP protocol, so that spec is probably more relevant:
http://tools.ietf.org/html/rfc2616
Also make sure you are setting the cookie using the php method
setrawcookie(). If using setcookie(), are you accounting for the
automatic urlencod'ing that php does to your cookie value?
Hope that helps,
Carl.
Thanks!!
token = 1*<any CHAR except CTLs or separators>
separators = "(" | ")" | "<" | ">" | "@"
| "," | ";" | ":" | "\" | <">
| "/" | "[" | "]" | "?" | "="
| "{" | "}" | SP | HTCTL = <any US-ASCII
control character
(octets 0 - 31) and DEL (127)>I see here exactly
which characters are not allowedI'm going to try the setrawcookie and see
what happens and if no success I will escape the characters myself. The
issue seems to be with the'/' which is used by base64. The + seems ok...
this is all assuming that the cookies use the grammar properly.Thanks
again!!Jon
Jon Slaughter wrote:
What I'm essentially doing is encrypting the name/data then encoding it
using base64 but base64 uses the special characters +, /, and =. They seem
to be causing problems with the cook being written or read. I have mapped
the ='s into _ and can map the + into - because I think those work for
cookies but I am not sure... and then I have the issue with the /. (which
I'm thinking of using _ for it too but have to handle the case where it
occurs at the end of the string to be encoded(Which will cause it to be
confused with the padding).
Have you thought instead of using:
$encoded = urlencode(base6 4_encode($data) );
This should create a string consisting of only alphanumeric data and '%'.
To go back the other way:
$data = base64_decode(u rldecode($encod ed));
--
Toby A Inkster BSc (Hons) ARCS http://tobyinkster.co.uk/
Geek of ~ HTML/SQL/Perl/PHP/Python/Apache/Linux
"Toby A Inkster" <us**********@t obyinkster.co.u kwrote in message
news:82******** ****@ophelia.g5 n.co.uk...
Jon Slaughter wrote:
>What I'm essentially doing is encrypting the name/data then encoding it
using base64 but base64 uses the special characters +, /, and =. They
seem
to be causing problems with the cook being written or read. I have
mapped
the ='s into _ and can map the + into - because I think those work for
cookies but I am not sure... and then I have the issue with the /. (which
I'm thinking of using _ for it too but have to handle the case where it
occurs at the end of the string to be encoded(Which will cause it to be
confused with the padding).
Have you thought instead of using:
$encoded = urlencode(base6 4_encode($data) );
This should create a string consisting of only alphanumeric data and '%'.
To go back the other way:
$data = base64_decode(u rldecode($encod ed));
I thought about it... but I didn't know if it would work. probably should
have tried it...
in any case, doesn't setcookie do that anyways? or does it just encode it
and not decode it? just kinda getting tired of trying everything as its not
easy to debug the cookies since I cannot set a cookie in the zend debugger
for some reason.
it does seem to be working now though when I have converted /, =, and + into
#, - and _..
I assume that urlencode is idempotent? else it won't work if I use
setrawcookie and it is not url decoding
Once I finish the code completely I'll go back and look at all this mess and
see what I can do to improve it.
Thanks,
Jon This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics | |
by: Psykotik |
last post by:
Hello,
I've two problems with php. My spec : Windows XP SP1, KFWS 2.2.0, IE 6
SP1, PHP 4.3.3.
Web server is "KF web server", a server very very user friendly (HTML
interface), and which manage very well web security.
Link : http://www.keyfocus.net/kfws/
But it sounds like my two problems are KFWS related, except if one has
|
by: Manlio Perillo |
last post by:
Hi.
I'm using the Cookie module (on the client side).
I have found a problem trying to parse the cookie:
"Set-Cookie: value=thevalue; path=/;
expires=Fri, 21-May-2004 10:40:51 GMT"
The date is not parsed correctly, only "Fri," is matched.
|
by: brettr |
last post by:
When I reference document.cookie, there is a long string of key=value;
pairs listed. I may have 100 hundred cookies on my hard drive.
However, most only have one key=value pair. Does the document.cookie
variable combine all cookie key=value pairs?
All of the examples I've seen discuss referencing a specific cookie. I
don't see how this is done.
Cookies are usually named by the domain. If I want to reference a
specific cookie, do I...
|
by: Derek Fountain |
last post by:
I just figured out a rather puzzling problem I had with a cookie
apparently being ignored. I had it set to timeout in 3 minutes and it
worked fine tested on localhost, but sometimes failed when different
machines connected. The problem was that some of my test machines had
system clocks that weren't quite correct, and the cookie was effectively
timing out as soon as the browser received it. There's a lesson learned. :o}
So I switched...
|
by: Matthijs van Waveren |
last post by:
"Your opportunity to be a RECOGNIZED EXPERT in the HPC Community"
The SPEC High Performance Group is seeking candidates for a benchmark
suite based on Message Passing Interface (MPI) applications.
Successful submitters will be rewarded with a free license for the
benchmark suite, recognized on the SPEC website and in media
materials, and their programs will influence future designs of
computer hardware and software. For example the...
| | |
by: CR1 |
last post by:
I found a great cookie script below, but don't know how to make it also pass the values sent to the cookie, to a querystring as well for tracking purposes. Can anyone help? If there was a way to simply pass the values in a cookie to the querystring that would be even easier, but from what I've been able to tell, cookie values can't be passed to a querystring.
I'm sure the answer will help alot of others who are using this script, and would...
|
by: mymatebob |
last post by:
Hi,
I am using cookies to keep track if a user is logged into my system,
and would like to display the time that the user has left logged in.
One solution is to display the time left until the cookie expires.
Does anyone know how to retrieve the expiry time of a particular
cookie?
TIA
|
by: dba123 |
last post by:
How do I tie the cookie that's produced from the login control of the ASP.NET
2.0 Membership API to use a specific domain programmically? I dont' know
how to even talk to the cookie cause I don't know it's name...how do I even
reference it..then tell it to point to a specific domain then save?
--
dba123
|
by: WiW |
last post by:
FYI: It appears that Phorm (a targeted advertising system which taps into
ISP networks) will be setting its own persistent cookie for most every
website the user visits. It appears as though the cookie may be named
"webwise". One technical description of the system and this aspect can
be found via:
http://www.lightbluetouchpaper.org/2008/04/04/the-phorm-webwise-system/
or if you want to go straight to the report:
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look !
Part I. Meaning of...
|
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that captivates audiences and drives business growth.
The Art of Business Website Design
Your website is...
| | |
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For most users, this new feature is actually very convenient. If you want to control the update process,...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
|
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own....
Now, this would greatly impact the work of software developers. The idea...
|
by: conductexam |
last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one.
At the time of converting from word file to html my equations which are in the word document file was convert into image.
Globals.ThisAddIn.Application.ActiveDocument.Select();...
|
by: TSSRALBI |
last post by:
Hello
I'm a network technician in training and I need your help.
I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs.
The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols.
I succeeded, with both firewalls in the same network. But I'm wondering if it's possible to do the same thing, with 2 Pfsense firewalls...
|
by: 6302768590 |
last post by:
Hai team
i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
| | |
by: bsmnconsultancy |
last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...
| |
