This is part of The Pile, a partial archive of some open source mailing lists and newsgroups.
Subject: Re[2]: [OT] Will a cookie traverse ports in the same domain?
From: Mike Miller <mmiller@crusoe.net>
Date: Thu, 19 Oct 2000 18:34:49 -0400
I'm sure this is not the right way <grin>, but I had this
problem a while ago, and ended up manually setting the
domain of the cookie to null/undef.
I use cgi.pm to set the cookie, as follows. Note that where
$q is a CGI.pm object reference. This is code extracted
from an app framework running under registry, so it is not
complete nor correct by any means, but should give an idea
of the approach ...
my $cookies = [
$q->cookie(-name=>'CookieName',-value=>'CookieValue',-path=>'/')
]; $cookies->[0]->{domain} = undef;
and then later on ....
print
$self->cgi->header(-cookie=>$cookies,-type=>"text/html;
charset=iso-8859-1");
I seems that CGI.pm->cookie() method was, at least for me at
the time, forcing/defaulting the domain name of the cookie
to be that of the server. When I set it to undef, it the
browser then associated it with the current server, which
was the proxy.
Of course, I might be dead wrong about the why, but I know
it works for me. I have my mod_perl server running on a
high port (bound to localhost), and my stronghold proxy on
port 80 (bound to the published IP), which is similar to the
described configuration.
Of course, this is probably not the "right" way, but it
worked/works for me (until someone suggests a better one
...)
===
Subject: RE: [OT] Will a cookie traverse ports in the same domain?
From: "David Harris" <dharris@drh.net>
Date: Fri, 20 Oct 2000 10:57:19 -0400
Blue Lang [mailto:blue@gator.net] wrote:
> On Thu, 19 Oct 2000, martin langhoff wrote:
>
> > hi,
> >
> > this HTTP protocol (definition and actual implementation) question is
> > making me mad. Will (and should) a cookie be valid withing the same
> > host/domain/subdirectory when changing PORT numbers?
>
> well.. by my reading of the RFC, and I might be wrong, but it looks like
> port should be ignored in cases where the hostname is used in the uri.
>
> http://www.cis.ohio-state.edu/htbin/rfc/rfc2109.html
Netscape has/had a bug where a cookie sent to http://www.server.com/ would not
be returned when visiting http://www.server.com:80/.
===
Subject: Re: [OT] Will a cookie traverse ports in the same domain?
From: Ask Bjoern Hansen <ask@apache.org>
Date: Mon, 30 Oct 2000 09:12:33 -0800 (PST)
On Thu, 19 Oct 2000, martin langhoff wrote:
> All my cookies have stopped working as soon as I've set my mod_perl
> apache on a high port with a proxying apache in port 80 [ see thread
> "AARRRGH! The Apache Proxy is not transparent wrt cookies!" ]
are you sure that you are setting the correct domain in your
mod_perl apache?
===