You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@httpd.apache.org by Martin Pool <mb...@linuxcare.com.au> on 2000/12/06 04:42:11 UTC
mod_usertrack
mod_usertrack.c uses this code to scan through the Cookie header
looking for its cookie, which is typically called `Apache'.
if ((cookie = ap_table_get(r->headers_in, "Cookie")))
if ((value = strstr(cookie, dcfg->cookie_name))) {
char *cookiebuf, *cookieend;
value += strlen(dcfg->cookie_name) + 1; /* Skip over the '=' */
cookiebuf = ap_pstrdup(r->pool, value);
cookieend = strchr(cookiebuf, ';');
if (cookieend)
*cookieend = '\0'; /* Ignore anything after a ; */
/* Set the cookie in a note, for logging */
ap_table_setn(r->notes, "cookie", cookiebuf);
return DECLINED; /* There's already a cookie, no new one */
}
The strstr seems a little weak: I think this code will get confused by
other cookies or cookie values which happen to contain `Apache' or
whatever the name is. It's not a very likely problem, but I wanted to
at least mention it.
--
Martin Pool, Linuxcare, Inc.
+61 2 6262 8990
mbp@linuxcare.com, http://www.linuxcare.com/
Linuxcare. Support for the revolution.