On Tue, Jan 26, 2010 at 08:26, Marius Mårnes Mathiesen < [email protected]> wrote:
> On Tue, Jan 26, 2010 at 7:45 AM, Christian Johansen > <[email protected]>wrote: > >> On Tue, Jan 26, 2010 at 05:28, Abhishek Singh <[email protected]>wrote: >> >>> I'm using "localhost" as the value for gitorious_host in the >>> gitorious.yml file. So I assume cookie should be properly set. But even >>> though I'm unable to log in. >>> >> >> For what it's worth, I've had trouble using localhost for hosting >> gitorious in the past. I guess it probably shouldn't matter, but try to use >> something like gitorious.local. Maybe Marius can shed some light on whether >> this is has any significance. >> > > Apparently, it does. > RFC 2109: http://www.ietf.org/rfc/rfc2109.txt states that a HTTP user > agent (aka. browser) should reject cookies with a domain specification that > does not contain an embedded dot: > > A Set-Cookie with Domain=.com or Domain=.com., will always be rejected, >> because there is no embedded dot. > > > Obviously, this is to prevent someone from issuing a domain that should be > valid for any hostname under ".com". Different browsers seem to handle this > differently, but the safest bet is probably to go with the RFC here and use > something that contains a dot under gitorious_host in gitorious.yml. > > On a side note, using .local as the "domain part" of the host may confuse > Avahi/Zeroconf/Bonjour settings which use the same suffix for local > hostnames. I use ".here" - so my gitorious_host is gitorious.here. > Ah, to the specs, great work! Didn't think about those local hostnames, it was just a quick example. Anyway, thanks for clearing that up, I'll update the instructions so we can avoid this issue in the future. Christian > > Cheers, > - Marius > > -- > To post to this group, send email to [email protected] > To unsubscribe from this group, send email to > [email protected]<gitorious%[email protected]> > -- MVH Christian -- To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected]
