You are viewing a plain text version of this content. The canonical link for it is here.
Posted to websh-user@tcl.apache.org by Jerry Lam <bo...@hotmail.com> on 2003/11/21 20:27:23 UTC
querystring
Hi,
I wonder if it is possible to turn the encription off from the querystring. I'm using wehsh standard web::cmdurl and web::cmdurlcfg to append the querystring
example
http://localhost/template.ws3?XDZuRD2zLY2Pam6JgevSaLy7xv4LfjDV
I want it to display the normal querystring
http://localhost/template.ws3?t=1020asdf
Is it possible??
Thanks
Jerry
Re: querystring
Posted by Ronnie Brunner <ro...@netcetera.ch>.
> I think I know what's wrong.
The problem is, that by setting the encrypt and decrypt chains empty
(i.e. disabling crypt functionality), not only your quer string, but
also your Cookie serializer does not get "scrambled" anymore. You can
fix this by resetting the encryptchain whenever your cookie is written.
You might want to overwrite the cookiecontext functionality or make
sure, you disable encryption only after the cookie has been written to
the output channel (i.e. after the first web::put per request)
> If these two lines are ignored, the http header has this line for the
> cookie: Set-Cookie:
> svreports=XDZ0YDSysqSSKPaUdfruZl1nLDSE2IKFgZeZufJECYO1wBs; expires=Sat,
> 22-11-2003 21:47:18 EST; path=/
>
> but with the two lines added into it, the set-cookie header will be:
> Set-Cookie: svreports=cset clientName foo
> cset sid bar; expires=Sat, 22-11-2003 21:48:55 EST; path=/
>
> Now, it occupies two lines in the http header which makes it doesn't work.
> How to fix this?
>
> thanks,
>
> Jerry
>
> From: "Jerry Lam" <bo...@hotmail.com>
> To: "Jerry Lam" <bo...@hotmail.com>; "Philipp Knüsel"
> <ph...@gmx.ch>; <we...@tcl.apache.org>
> Sent: Friday, November 21, 2003 7:38 PM
> Subject: Re: querystring
>
>
> > Hi,
> >
> > I'm looking for advice. After I add the lines
> > web::config encryptchain {}
> > web::config decryptchain {}
> >
> > the cookie doesn't work like before. I have a key with this value
> > "XDXGF9z4Xv0zg40XU1Mvy8GriEJ8CyKqpTysJe1it4Y5CL"
> > It works fine with the above two lines are omitted.
> > However, whenever I put these two lines, it won't work.
> >
> > Do you know what seems to be the problem.
> >
> > Thanks,
> >
> > Jerry
> > From: "Jerry Lam" <bo...@hotmail.com>
> > To: "Philipp Knüsel" <ph...@gmx.ch>; <we...@tcl.apache.org>
> > Sent: Friday, November 21, 2003 4:18 PM
> > Subject: Re: querystring
> >
> >
> > > Hi,
> > >
> > > thanks for the reply. I also wonder if it is possible to turn it off
> > > entirely. ;) Without having these two lines in every single page.
> > >
> > > Thank you,
> > >
> > > Jerry
> > > From: "Philipp Knüsel" <ph...@gmx.ch>
> > > To: <we...@tcl.apache.org>
> > > Cc: "Jerry Lam" <bo...@hotmail.com>
> > > Sent: Friday, November 21, 2003 3:43 PM
> > > Subject: Re: querystring
> > >
> > >
> > > > Hello Jerry, websh users
> > > >
> > > > > I wonder if it is possible to turn the encription off from the
> > > querystring
> > > > Everything is possible using the websh ;-)
> > > >
> > > > To turn the URL encription off add this to your code:
> > > >
> > > > web::config encryptchain {}
> > > > web::config decryptchain {}
> > > >
> > > > Find more information here:
> > > > http://tcl.apache.org/websh/quickref/data_encryption.html#web::encrypt
> > > > and here:
> > > > http://tcl.apache.org/websh/quickref/configuration.html#web::config
> > > >
> > > > enjoy!
> > > >
> > > > Philipp
> > > >
> > > >
> > > >
> > > >
> > >
> > > To unsubscribe, e-mail: websh-user-unsubscribe@tcl.apache.org
> > > For additional commands, e-mail: websh-user-help@tcl.apache.org
> > >
> > >
> >
> > To unsubscribe, e-mail: websh-user-unsubscribe@tcl.apache.org
> > For additional commands, e-mail: websh-user-help@tcl.apache.org
> >
> >
>
> To unsubscribe, e-mail: websh-user-unsubscribe@tcl.apache.org
> For additional commands, e-mail: websh-user-help@tcl.apache.org
----------------------------------------------------------------------
Ronnie Brunner ronnie.brunner@netcetera.ch
Netcetera AG, 8040 Zuerich phone +41 1 247 79 79 fax +41 1 247 70 75
Re: querystring
Posted by Jerry Lam <bo...@hotmail.com>.
Hi,
I think I know what's wrong.
If these two lines are ignored, the http header has this line for the
cookie: Set-Cookie:
svreports=XDZ0YDSysqSSKPaUdfruZl1nLDSE2IKFgZeZufJECYO1wBs; expires=Sat,
22-11-2003 21:47:18 EST; path=/
but with the two lines added into it, the set-cookie header will be:
Set-Cookie: svreports=cset clientName foo
cset sid bar; expires=Sat, 22-11-2003 21:48:55 EST; path=/
Now, it occupies two lines in the http header which makes it doesn't work.
How to fix this?
thanks,
Jerry
----- Original Message -----
From: "Jerry Lam" <bo...@hotmail.com>
To: "Jerry Lam" <bo...@hotmail.com>; "Philipp Knüsel"
<ph...@gmx.ch>; <we...@tcl.apache.org>
Sent: Friday, November 21, 2003 7:38 PM
Subject: Re: querystring
> Hi,
>
> I'm looking for advice. After I add the lines
> web::config encryptchain {}
> web::config decryptchain {}
>
> the cookie doesn't work like before. I have a key with this value
> "XDXGF9z4Xv0zg40XU1Mvy8GriEJ8CyKqpTysJe1it4Y5CL"
> It works fine with the above two lines are omitted.
> However, whenever I put these two lines, it won't work.
>
> Do you know what seems to be the problem.
>
> Thanks,
>
> Jerry
> ----- Original Message -----
> From: "Jerry Lam" <bo...@hotmail.com>
> To: "Philipp Knüsel" <ph...@gmx.ch>; <we...@tcl.apache.org>
> Sent: Friday, November 21, 2003 4:18 PM
> Subject: Re: querystring
>
>
> > Hi,
> >
> > thanks for the reply. I also wonder if it is possible to turn it off
> > entirely. ;) Without having these two lines in every single page.
> >
> > Thank you,
> >
> > Jerry
> > ----- Original Message -----
> > From: "Philipp Knüsel" <ph...@gmx.ch>
> > To: <we...@tcl.apache.org>
> > Cc: "Jerry Lam" <bo...@hotmail.com>
> > Sent: Friday, November 21, 2003 3:43 PM
> > Subject: Re: querystring
> >
> >
> > > Hello Jerry, websh users
> > >
> > > > I wonder if it is possible to turn the encription off from the
> > querystring
> > > Everything is possible using the websh ;-)
> > >
> > > To turn the URL encription off add this to your code:
> > >
> > > web::config encryptchain {}
> > > web::config decryptchain {}
> > >
> > > Find more information here:
> > > http://tcl.apache.org/websh/quickref/data_encryption.html#web::encrypt
> > > and here:
> > > http://tcl.apache.org/websh/quickref/configuration.html#web::config
> > >
> > > enjoy!
> > >
> > > Philipp
> > >
> > >
> > >
> > >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: websh-user-unsubscribe@tcl.apache.org
> > For additional commands, e-mail: websh-user-help@tcl.apache.org
> >
> >
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: websh-user-unsubscribe@tcl.apache.org
> For additional commands, e-mail: websh-user-help@tcl.apache.org
>
>
Re: querystring
Posted by Jerry Lam <bo...@hotmail.com>.
Hi,
I'm looking for advice. After I add the lines
web::config encryptchain {}
web::config decryptchain {}
the cookie doesn't work like before. I have a key with this value
"XDXGF9z4Xv0zg40XU1Mvy8GriEJ8CyKqpTysJe1it4Y5CL"
It works fine with the above two lines are omitted.
However, whenever I put these two lines, it won't work.
Do you know what seems to be the problem.
Thanks,
Jerry
----- Original Message -----
From: "Jerry Lam" <bo...@hotmail.com>
To: "Philipp Knüsel" <ph...@gmx.ch>; <we...@tcl.apache.org>
Sent: Friday, November 21, 2003 4:18 PM
Subject: Re: querystring
> Hi,
>
> thanks for the reply. I also wonder if it is possible to turn it off
> entirely. ;) Without having these two lines in every single page.
>
> Thank you,
>
> Jerry
> ----- Original Message -----
> From: "Philipp Knüsel" <ph...@gmx.ch>
> To: <we...@tcl.apache.org>
> Cc: "Jerry Lam" <bo...@hotmail.com>
> Sent: Friday, November 21, 2003 3:43 PM
> Subject: Re: querystring
>
>
> > Hello Jerry, websh users
> >
> > > I wonder if it is possible to turn the encription off from the
> querystring
> > Everything is possible using the websh ;-)
> >
> > To turn the URL encription off add this to your code:
> >
> > web::config encryptchain {}
> > web::config decryptchain {}
> >
> > Find more information here:
> > http://tcl.apache.org/websh/quickref/data_encryption.html#web::encrypt
> > and here:
> > http://tcl.apache.org/websh/quickref/configuration.html#web::config
> >
> > enjoy!
> >
> > Philipp
> >
> >
> >
> >
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: websh-user-unsubscribe@tcl.apache.org
> For additional commands, e-mail: websh-user-help@tcl.apache.org
>
>
Re: querystring
Posted by Jerry Lam <bo...@hotmail.com>.
Hi,
thanks for the reply. I also wonder if it is possible to turn it off
entirely. ;) Without having these two lines in every single page.
Thank you,
Jerry
----- Original Message -----
From: "Philipp Knüsel" <ph...@gmx.ch>
To: <we...@tcl.apache.org>
Cc: "Jerry Lam" <bo...@hotmail.com>
Sent: Friday, November 21, 2003 3:43 PM
Subject: Re: querystring
> Hello Jerry, websh users
>
> > I wonder if it is possible to turn the encription off from the
querystring
> Everything is possible using the websh ;-)
>
> To turn the URL encription off add this to your code:
>
> web::config encryptchain {}
> web::config decryptchain {}
>
> Find more information here:
> http://tcl.apache.org/websh/quickref/data_encryption.html#web::encrypt
> and here:
> http://tcl.apache.org/websh/quickref/configuration.html#web::config
>
> enjoy!
>
> Philipp
>
>
>
>
Re: querystring
Posted by Philipp Knüsel <ph...@gmx.ch>.
Hello Jerry, websh users
> I wonder if it is possible to turn the encription off from the querystring
Everything is possible using the websh ;-)
To turn the URL encription off add this to your code:
web::config encryptchain {}
web::config decryptchain {}
Find more information here:
http://tcl.apache.org/websh/quickref/data_encryption.html#web::encrypt
and here:
http://tcl.apache.org/websh/quickref/configuration.html#web::config
enjoy!
Philipp
Re: querystring
Posted by Ronnie Brunner <ro...@netcetera.ch>.
> I wonder if it is possible to turn the encription off from the
> querystring. I'm using wehsh standard web::cmdurl and web::cmdurlcfg
> to append the querystring example
> http://localhost/template.ws3?XDZuRD2zLY2Pam6JgevSaLy7xv4LfjDV
> I want it to display the normal querystring
> http://localhost/template.ws3?t=1020asdf
You already got an answer about using web::config encryptchain.
To avoid having problems with cookies (as in the last mail) there is
an easy way:
rename web::cmdurl web::cmdurl.orig
proc web::cmdurl {args} {
set oldchain [web::config encryptchain {}]
set res [eval web::cmdurl.orig $args]
web::config encryptchain $oldchain
return $res
}
And you're all set w/o any other side effects (I think ;-)
Ronnie
----------------------------------------------------------------------
Ronnie Brunner ronnie.brunner@netcetera.ch
Netcetera AG, 8040 Zuerich phone +41 1 247 79 79 fax +41 1 247 70 75