Anyone know where I can find info on the cookie spec? I seem to be having a
problem(after hours of narrowing it down) where I am using some special
characters that are not allowed in a cookie name or data.
What I'm essentially doing is encrypting the name/data then encoding it
using base64 but base64 uses the special characters +, /, and =. They seem
to be causing problems with the cook being written or read. I have mapped
the ='s into _ and can map the + into - because I think those work for
cookies but I am not sure... and then I have the issue with the /. (which
I'm thinking of using _ for it too but have to handle the case where it
occurs at the end of the string to be encoded(Which will cause it to be
confused with the padding).
Any ideas? This is driving me nuts ;/ (thought it was my encryption part and
spent hours on debugging that ;)
Thanks,
Jon
4  2592 
On May 17, 2:19 pm, "Jon Slaughter" <Jon_Slaugh...@Hotmail.comwrote:
Anyone know where I can find info on the cookie spec? I seem to be having a
problem(after hours of narrowing it down) where I am using some special
characters that are not allowed in a cookie name or data.
What I'm essentially doing is encrypting the name/data then encoding it
using base64 but base64 uses the special characters +, /, and =. They seem
to be causing problems with the cook being written or read. I have mapped
the ='s into _ and can map the + into - because I think those work for
cookies but I am not sure... and then I have the issue with the /. (which
I'm thinking of using _ for it too but have to handle the case where it
occurs at the end of the string to be encoded(Which will cause it to be
confused with the padding).
Any ideas? This is driving me nuts ;/ (thought it was my encryption part and
spent hours on debugging that ;)
Thanks,
Jon
Interesting problem Jon,
I'm not really sure that the spec will help you, but just in case, you
can read it here: http://tools.ietf.org/html/rfc2965
The cookie is commonly transported simply as a header extension to the
HTTP protocol, so that spec is probably more relevant: http://tools.ietf.org/html/rfc2616
Also make sure you are setting the cookie using the php method
setrawcookie(). If using setcookie(), are you accounting for the
automatic urlencod'ing that php does to your cookie value?
Hope that helps,
Carl.
"Carl" <c.******@gmail.comwrote in message
news:11**********************@k79g2000hse.googlegr oups.com...
On May 17, 2:19 pm, "Jon Slaughter" <Jon_Slaugh...@Hotmail.comwrote:
>Anyone know where I can find info on the cookie spec? I seem to be having
a
problem(after hours of narrowing it down) where I am using some special
characters that are not allowed in a cookie name or data.
What I'm essentially doing is encrypting the name/data then encoding it
using base64 but base64 uses the special characters +, /, and =. They
seem
to be causing problems with the cook being written or read. I have
mapped
the ='s into _ and can map the + into - because I think those work for
cookies but I am not sure... and then I have the issue with the /. (which
I'm thinking of using _ for it too but have to handle the case where it
occurs at the end of the string to be encoded(Which will cause it to be
confused with the padding).
Any ideas? This is driving me nuts ;/ (thought it was my encryption part
and
spent hours on debugging that ;)
Thanks,
Jon
Interesting problem Jon,
I'm not really sure that the spec will help you, but just in case, you
can read it here:
http://tools.ietf.org/html/rfc2965
The cookie is commonly transported simply as a header extension to the
HTTP protocol, so that spec is probably more relevant:
http://tools.ietf.org/html/rfc2616
Also make sure you are setting the cookie using the php method
setrawcookie(). If using setcookie(), are you accounting for the
automatic urlencod'ing that php does to your cookie value?
Hope that helps,
Carl.
Thanks!!
token = 1*<any CHAR except CTLs or separators>
separators = "(" | ")" | "<" | ">" | "@"
| "," | ";" | ":" | "\" | <">
| "/" | "[" | "]" | "?" | "="
| "{" | "}" | SP | HTCTL = <any US-ASCII
control character
(octets 0 - 31) and DEL (127)>I see here exactly
which characters are not allowedI'm going to try the setrawcookie and see
what happens and if no success I will escape the characters myself. The
issue seems to be with the'/' which is used by base64. The + seems ok...
this is all assuming that the cookies use the grammar properly.Thanks
again!!Jon
Jon Slaughter wrote:
What I'm essentially doing is encrypting the name/data then encoding it
using base64 but base64 uses the special characters +, /, and =. They seem
to be causing problems with the cook being written or read. I have mapped
the ='s into _ and can map the + into - because I think those work for
cookies but I am not sure... and then I have the issue with the /. (which
I'm thinking of using _ for it too but have to handle the case where it
occurs at the end of the string to be encoded(Which will cause it to be
confused with the padding).
Have you thought instead of using:
$encoded = urlencode(base64_encode($data));
This should create a string consisting of only alphanumeric data and '%'.
To go back the other way:
$data = base64_decode(urldecode($encoded));
--
Toby A Inkster BSc (Hons) ARCS http://tobyinkster.co.uk/
Geek of ~ HTML/SQL/Perl/PHP/Python/Apache/Linux
"Toby A Inkster" <us**********@tobyinkster.co.ukwrote in message
news:82************@ophelia.g5n.co.uk...
Jon Slaughter wrote:
>What I'm essentially doing is encrypting the name/data then encoding it
using base64 but base64 uses the special characters +, /, and =. They
seem
to be causing problems with the cook being written or read. I have
mapped
the ='s into _ and can map the + into - because I think those work for
cookies but I am not sure... and then I have the issue with the /. (which
I'm thinking of using _ for it too but have to handle the case where it
occurs at the end of the string to be encoded(Which will cause it to be
confused with the padding).
Have you thought instead of using:
$encoded = urlencode(base64_encode($data));
This should create a string consisting of only alphanumeric data and '%'.
To go back the other way:
$data = base64_decode(urldecode($encoded));
I thought about it... but I didn't know if it would work. probably should
have tried it...
in any case, doesn't setcookie do that anyways? or does it just encode it
and not decode it? just kinda getting tired of trying everything as its not
easy to debug the cookies since I cannot set a cookie in the zend debugger
for some reason.
it does seem to be working now though when I have converted /, =, and + into
#, - and _..
I assume that urlencode is idempotent? else it won't work if I use
setrawcookie and it is not url decoding
Once I finish the code completely I'll go back and look at all this mess and
see what I can do to improve it.
Thanks,
Jon This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics
by: Psykotik |
last post by:
Hello,
I've two problems with php. My spec : Windows XP SP1, KFWS 2.2.0, IE 6
SP1, PHP 4.3.3.
Web server is "KF web server", a server very very user friendly (HTML
interface), and which...
|
by: Manlio Perillo |
last post by:
Hi.
I'm using the Cookie module (on the client side).
I have found a problem trying to parse the cookie:
"Set-Cookie: value=thevalue; path=/;
expires=Fri, 21-May-2004 10:40:51 GMT"
The date...
|
by: brettr |
last post by:
When I reference document.cookie, there is a long string of key=value;
pairs listed. I may have 100 hundred cookies on my hard drive.
However, most only have one key=value pair. Does the...
|
by: Derek Fountain |
last post by:
I just figured out a rather puzzling problem I had with a cookie
apparently being ignored. I had it set to timeout in 3 minutes and it
worked fine tested on localhost, but sometimes failed when...
|
by: Matthijs van Waveren |
last post by:
"Your opportunity to be a RECOGNIZED EXPERT in the HPC Community"
The SPEC High Performance Group is seeking candidates for a benchmark
suite based on Message Passing Interface (MPI)...
|
by: CR1 |
last post by:
I found a great cookie script below, but don't know how to make it also pass the values sent to the cookie, to a querystring as well for tracking purposes. Can anyone help? If there was a way to...
|
by: mymatebob |
last post by:
Hi,
I am using cookies to keep track if a user is logged into my system,
and would like to display the time that the user has left logged in.
One solution is to display the time left until the...
|
by: dba123 |
last post by:
How do I tie the cookie that's produced from the login control of the ASP.NET
2.0 Membership API to use a specific domain programmically? I dont' know
how to even talk to the cookie cause I don't...
|
by: WiW |
last post by:
FYI: It appears that Phorm (a targeted advertising system which taps into
ISP networks) will be setting its own persistent cookie for most every
website the user visits. It appears as though the...
|
by: ryjfgjl |
last post by:
In our work, we often receive Excel tables with data in the same format. If we want to analyze these data, it can be difficult to analyze them because the data is spread across multiple Excel files...
|
by: emmanuelkatto |
last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud.
Please let me know.
Thanks!
Emmanuel
|
by: nemocccc |
last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
|
by: Sonnysonu |
last post by:
This is the data of csv file
1 2 3
1 2 3
1 2 3
1 2 3
2 3
2 3
3
the lengths should be different i have to store the data by column-wise with in the specific length.
suppose the i have to...
|
by: Hystou |
last post by:
There are some requirements for setting up RAID:
1. The motherboard and BIOS support RAID configuration.
2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
|
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers,...
|
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
|
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing,...
| |
