Reply to Re: cookie spec

Your name:

Reply:


Posted by Jon Slaughter on 05/17/07 23:16

"Carl" <c.groner@gmail.com> wrote in message
news:1179441261.800628.313240@k79g2000hse.googlegroups.com...
> On May 17, 2:19 pm, "Jon Slaughter" <Jon_Slaugh...@Hotmail.com> wrote:
>> Anyone know where I can find info on the cookie spec? I seem to be having
>> a
>> problem(after hours of narrowing it down) where I am using some special
>> characters that are not allowed in a cookie name or data.
>>
>> What I'm essentially doing is encrypting the name/data then encoding it
>> using base64 but base64 uses the special characters +, /, and =. They
>> seem
>> to be causing problems with the cook being written or read. I have
>> mapped
>> the ='s into _ and can map the + into - because I think those work for
>> cookies but I am not sure... and then I have the issue with the /. (which
>> I'm thinking of using _ for it too but have to handle the case where it
>> occurs at the end of the string to be encoded(Which will cause it to be
>> confused with the padding).
>>
>> Any ideas? This is driving me nuts ;/ (thought it was my encryption part
>> and
>> spent hours on debugging that ;)
>>
>> Thanks,
>> Jon
>
> Interesting problem Jon,
>
> I'm not really sure that the spec will help you, but just in case, you
> can read it here:
> http://tools.ietf.org/html/rfc2965
>
> The cookie is commonly transported simply as a header extension to the
> HTTP protocol, so that spec is probably more relevant:
> http://tools.ietf.org/html/rfc2616
>
> Also make sure you are setting the cookie using the php method
> setrawcookie(). If using setcookie(), are you accounting for the
> automatic urlencod'ing that php does to your cookie value?
>
> Hope that helps,
> Carl.

Thanks!!

token = 1*<any CHAR except CTLs or separators>
separators = "(" | ")" | "<" | ">" | "@"
| "," | ";" | ":" | "\" | <">
| "/" | "[" | "]" | "?" | "="
| "{" | "}" | SP | HTCTL = <any US-ASCII
control character
(octets 0 - 31) and DEL (127)>I see here exactly
which characters are not allowedI'm going to try the setrawcookie and see
what happens and if no success I will escape the characters myself. The
issue seems to be with the'/' which is used by base64. The + seems ok...
this is all assuming that the cookies use the grammar properly.Thanks
again!!Jon

[Back to original message]
Удаленная работа для программистов  •  Как заработать на Google AdSense  •  England, UK  •  статьи на английском  •  PHP MySQL CMS Apache Oscommerce  •  Online Business Knowledge Base  •  DVD MP3 AVI MP4 players codecs conversion help
Home  •  Search  •  Site Map  •  Set as Homepage  •  Add to Favourites

Copyright © 2005-2006 Powered by Custom PHP Programming

Сайт изготовлен в Студии Валентина Петручека
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация