Cookie questions

[Raymond Wan <rw...@kuicr.kyoto-u.ac.jp>]

Hi all,

Sorry, but I'm not entirely sure if this is relevant to modperl...

I was wondering if it was possible to delete cookies.  I read that using 
Javascript, cookies can be deleted by setting it to a time in the past.  
I'm not sure how to do it in Mason, though.  I think I know how to get a 
cookie and also to set a new one and send it out.  But, I don't know how 
to get an old cookie, change it, and send it back.  Or even, get a 
cookie, *copy it*, send the copy back.  What is stopping the browser 
from creating a second cookie with the same name?

Also, I've seen various ways of setting cookies.  For example, one using 
APR::Request::Cookie and another using Apache2::Cookie.  Which should I 
use?  I'm setting a cookie by doing:

$r->err_headers_out->add ("Set-Cookie" => $cookie->as_string);

where $cookie is of type APR::Request::Cookie.  Is this strange?  (I 
forgot what I read to come up with this...most other documents mention a 
"bake" method...)

Ray

Re: Cookie questions

[Raymond Wan <rw...@kuicr.kyoto-u.ac.jp>]

Hi John,

John ORourke wrote:
> Cookie names are unique to a given domain (the domain which can 
> optionally be explicitly set using $cookie->domain ) - if you write 
> another cookie with the same name and domain and path it'll overwrite 
> the previous one.


Ah, thanks for this!  I guess I had a bug somewhere and I was setting 
the cookie from two different files and the default path in both cases 
were different because I didn't explicitly state it.  I've done that 
now, and as you said, only one appears in the browser.  Thanks!


>> $r->err_headers_out->add ("Set-Cookie" => $cookie->as_string);
>
> Fine, that's basically what the bake() method does.  I made a subclass 
> of APR::Request::Cookie which included some hacks - try these:

I see.  Thanks for the suggestion!  I thought one was better than the 
other, but whatever gets the job done?

Since duplicates aren't allowed, I guess I don't have to get the cookie, 
change the date, and send it.  I can just send a new one with a negative 
or 0 date.  Whether or not the cookie was there in the first place, the 
result is that there won't be one.  Thanks!

Ray

Re: Cookie questions

[John ORourke <jo...@o-rourke.org>]

Raymond Wan wrote:
> I was wondering if it was possible to delete cookies.  I read that 
> using Javascript, cookies can be deleted by setting it to a time in 
> the past.  I'm not sure how to do it in Mason, though.  I think I know 
> how to get a cookie and also to set a new one and send it out.  But, I 
> don't know how to get an old cookie, change it, and send it back.  Or 
> even, get a cookie, *copy it*, send the copy back.  What is stopping 
> the browser from creating a second cookie with the same name?
Cookie names are unique to a given domain (the domain which can 
optionally be explicitly set using $cookie->domain ) - if you write 
another cookie with the same name and domain and path it'll overwrite 
the previous one.

> $r->err_headers_out->add ("Set-Cookie" => $cookie->as_string);

Fine, that's basically what the bake() method does.  I made a subclass 
of APR::Request::Cookie which included some hacks - try these:

Deleting:
        $val=$cookie->as_string;
        $val=~s/max-age=(\S*?)(\s*;)?//ig; # remove any existing max-age
        $val.='; Max-Age=0';
        $r->err_headers_out->add("Set-Cookie", $val);

Setting:
        $val=~s/="\/"/=\//; # firefox hack to ensure it understands the path
        $r->err_headers_out->add("Set-Cookie", $val);


hth,
John

Re: Cookie questions

[Raymond Wan <rw...@kuicr.kyoto-u.ac.jp>]

Hi bop,

Thanks for the e-mail.  I ended up doing a mix of both your suggestion 
and John's and it seems to work ok.  Both of your suggestions were 
great; thank you!

Ray


Boysenberry Payne wrote:
> Oops, I forgot the some code:
>
> # to set
> $cookie = { -name => "foo", -value => "bar", -path => "/" };
> my $data = [];
> push( @$cookie_data, Apache2::Cookie->new( $r, %{$cookie} ) );
> foreach ( @$cookie_data ) {
>     $_->bake( $r );
> }
>
> # now to unset
> my $jar = Apache2::Cookie::Jar->new( $r );
> my $cookies = $jar->cookies;
> if ( defined $cookies->{foo} ) {
>     $cookie = { -name => "foo", -value => "bar", -path => "/", 
> -expires => "0" };
>     push( @$cookie_data, Apache2::Cookie->new( $r, %{$cookie} ) );
>     foreach ( @$cookie_data ) {
>         $_->bake( $r );
>     }
> }

Re: Cookie questions

[Boysenberry Payne <bo...@habitatlife.com>]

Oops, I forgot the some code:

# to set
$cookie = { -name => "foo", -value => "bar", -path => "/" };
my $data = [];
push( @$cookie_data, Apache2::Cookie->new( $r, %{$cookie} ) );
foreach ( @$cookie_data ) {
	$_->bake( $r );
}

# now to unset
my $jar = Apache2::Cookie::Jar->new( $r );
my $cookies = $jar->cookies;
if ( defined $cookies->{foo} ) {
	$cookie = { -name => "foo", -value => "bar", -path => "/", -expires  
=> "0" };
	push( @$cookie_data, Apache2::Cookie->new( $r, %{$cookie} ) );
	foreach ( @$cookie_data ) {
		$_->bake( $r );
	}
}


On Dec 24, 2007, at 3:29 AM, Boysenberry Payne wrote:

> This is what I do:
>
> $cookie = { name => "foo", value => "bar" }
> my $data = [];
> push( @$data, Apache2::Cookie->new( $r, %{$cookie} ) );
> foreach ( @$data ) {
> 	$_->bake( $r );
> }
>
> Hope it helps...
>
> -bop
>
> On Dec 24, 2007, at 2:55 AM, Raymond Wan wrote:
>
>>
>> Hi all,
>>
>> Sorry, but I'm not entirely sure if this is relevant to modperl...
>>
>> I was wondering if it was possible to delete cookies.  I read that  
>> using Javascript, cookies can be deleted by setting it to a time  
>> in the past.  I'm not sure how to do it in Mason, though.  I think  
>> I know how to get a cookie and also to set a new one and send it  
>> out.  But, I don't know how to get an old cookie, change it, and  
>> send it back.  Or even, get a cookie, *copy it*, send the copy  
>> back.  What is stopping the browser from creating a second cookie  
>> with the same name?
>>
>> Also, I've seen various ways of setting cookies.  For example, one  
>> using APR::Request::Cookie and another using Apache2::Cookie.   
>> Which should I use?  I'm setting a cookie by doing:
>>
>> $r->err_headers_out->add ("Set-Cookie" => $cookie->as_string);
>>
>> where $cookie is of type APR::Request::Cookie.  Is this strange?   
>> (I forgot what I read to come up with this...most other documents  
>> mention a "bake" method...)
>>
>> Ray
>>
>>
>

Re: Cookie questions

[Boysenberry Payne <bo...@habitatlife.com>]

This is what I do:

$cookie = { name => "foo", value => "bar" }
my $data = [];
push( @$data, Apache2::Cookie->new( $r, %{$cookie} ) );
foreach ( @$data ) {
	$_->bake( $r );
}

Hope it helps...

-bop

On Dec 24, 2007, at 2:55 AM, Raymond Wan wrote:

>
> Hi all,
>
> Sorry, but I'm not entirely sure if this is relevant to modperl...
>
> I was wondering if it was possible to delete cookies.  I read that  
> using Javascript, cookies can be deleted by setting it to a time in  
> the past.  I'm not sure how to do it in Mason, though.  I think I  
> know how to get a cookie and also to set a new one and send it  
> out.  But, I don't know how to get an old cookie, change it, and  
> send it back.  Or even, get a cookie, *copy it*, send the copy  
> back.  What is stopping the browser from creating a second cookie  
> with the same name?
>
> Also, I've seen various ways of setting cookies.  For example, one  
> using APR::Request::Cookie and another using Apache2::Cookie.   
> Which should I use?  I'm setting a cookie by doing:
>
> $r->err_headers_out->add ("Set-Cookie" => $cookie->as_string);
>
> where $cookie is of type APR::Request::Cookie.  Is this strange?   
> (I forgot what I read to come up with this...most other documents  
> mention a "bake" method...)
>
> Ray
>
>