On Tue, Jan 26, 2010 at 7:45 AM, Christian Johansen <[email protected]>wrote:
> On Tue, Jan 26, 2010 at 05:28, Abhishek Singh <[email protected]>wrote: > >> I'm using "localhost" as the value for gitorious_host in the >> gitorious.yml file. So I assume cookie should be properly set. But even >> though I'm unable to log in. >> > > For what it's worth, I've had trouble using localhost for hosting gitorious > in the past. I guess it probably shouldn't matter, but try to use something > like gitorious.local. Maybe Marius can shed some light on whether this is > has any significance. > Apparently, it does. RFC 2109: http://www.ietf.org/rfc/rfc2109.txt states that a HTTP user agent (aka. browser) should reject cookies with a domain specification that does not contain an embedded dot: A Set-Cookie with Domain=.com or Domain=.com., will always be rejected, > because there is no embedded dot. Obviously, this is to prevent someone from issuing a domain that should be valid for any hostname under ".com". Different browsers seem to handle this differently, but the safest bet is probably to go with the RFC here and use something that contains a dot under gitorious_host in gitorious.yml. On a side note, using .local as the "domain part" of the host may confuse Avahi/Zeroconf/Bonjour settings which use the same suffix for local hostnames. I use ".here" - so my gitorious_host is gitorious.here. Cheers, - Marius -- To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected]
