You are viewing a plain text version of this content. The canonical link for it is here.
Posted to mod_dtcl@tcl.apache.org by "Zeinert, Holger" <Ho...@lms-gmbh.de> on 2003/10/08 22:58:51 UTC

setting a permanent cookie

Hi,

since some time I was trying to set a cookie in mod_dtcl. Session cookies
were no problem:

  headers setcookie -name "Foo" -value "Bar"

I guess it's very similar in Rivet.

But to save a permanent cookie, a expire date is needed. I tried several
common formats like

	Wed Oct 08 22:36:19 Westeuropäische Sommerzeit 2003
	DD-Mon-YY HH:MM:SS
	...

but I had no success. As soon as the expire was set, the whole cookie was
lost. I should add that this happens only with Microsoft Internet Explorer
6.0.

After reading the sources of mod_dtcl and Apache I think I discovered the
following:

the expire date seems to be set relativ, starting with "+" or "-".

apache_request.c:

char *ApacheUtil_expires(pool *p, char *time_str, int type)
{
    ...
    when = expire_calc(time_str);
    ...
}

static time_t expire_calc(char *time_str)
{
    int is_neg = 0, offset = 0;
    char buf[256];
    int ix = 0;

    if (*time_str == '-') {
	is_neg = 1;
	++time_str;
    } 
    else if (*time_str == '+') {
	++time_str;
    }
    else if (strcaseEQ(time_str, "now")) {
	/*ok*/
    }
    else {
	return 0;
    }

    /* wtf, ap_isdigit() returns false for '1' !? */
    while (*time_str && (ap_isdigit(*time_str) || (*time_str == '1'))) {
	buf[ix++] = *time_str++;
    }
    buf[ix] = '\0';
    offset = atoi(buf);

    return time(NULL) + 
	(expire_mult(*time_str) * (is_neg ? (0 - offset) : offset));
}

#define Mult_s 1
#define Mult_m 60
#define Mult_h (60*60)
#define Mult_d (60*60*24)
#define Mult_M (60*60*24*30)
#define Mult_y (60*60*24*365)

static int expire_mult(char s)
{
    switch (s) {
    case 's':
	return Mult_s;
    case 'm':
	return Mult_m;
    case 'h':
	return Mult_h;
    case 'd':
	return Mult_d;
    case 'M':
	return Mult_M;
    case 'y':
	return Mult_y;
    default:
	return 1;
    };
}

The first if-elseif statement in expire_calc() returns 0 if the time_str
does not start with + or - nor is equal to "now".
Also, the value from time_str is used as offset.

Conclusion: setting a permanent cookie (at least with Internet Explorer)
works using expires like "+1d", "+2min", ...

    header setcookie -name "Foo" -value "Bar" -expires "+[expr 24*60*60]"
or
    header setcookie -name "Foo" -value "Bar" -expires "+1d" 

to make the cookie permanent, expiring one day later.

Although this works for me, I would like to hear comments on that. But since
this code is in the http server, it should not depend on the Browser, right?
Is my conclusion correct? I did not find much documentation about how to
format expire values for cookies.

Best regards
Holger

---------------------------------------------------------------------
To unsubscribe, e-mail: mod_dtcl-unsubscribe@tcl.apache.org
For additional commands, e-mail: mod_dtcl-help@tcl.apache.org