Re: HttpClient and cookies

Mon, 20 Oct 2008 23:46:34 -0700 

Hello Joseph,
But why my Browsers (FF and IE) are sending the cookies back "correctly"? Or the Browsers are also "broken"? 

Thank you,
Reinhard

Joseph Mocker wrote:

It sounds like your webserver, or whatever is generating & processing 
the session cookie, is in error. From my reads of RFC2109 & RFC2068, 
quotes are reserved characters, they are not allowed in the cookie value.


They say the cookie value can be either

                    token | quoted-string

where

         token          = 1*<any CHAR except CTLs or tspecials>

         tspecials      = "(" | ")" | "<" | ">" | "@"
                        | "," | ";" | ":" | "\" | <">
                        | "/" | "[" | "]" | "?" | "="
                        | "{" | "}" | SP | HT

and

         quoted-string  = ( <"> *(qdtext) <"> )

         qdtext         = <any TEXT except <">>



So in your example, the quoted-string form is used, therefore the 
quotes are not part of the cookie value.


Perhaps one of the developers can comment?

 --joe


Reinhard Pagitsch wrote:

Hello to all,


From our webserver I get a session cookie in the form 
POSESSIONID="dfgsdfgsdg="
But the HTTPClient sends back the cookie in the form 
POSESSIONID=dfgsdfgsdg=.
Therefore no authentication is done. Is there a way to configure the 
HttpClient to send back

the session cookie as it is and do no modifications?

Thank you,
Reinhard

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]




---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]




--
Reinhard Pagitsch
IBA Team
ISIS Information Systems
Alter Wienerweg 12
A-2344 Ma. Enzersdorf, Austria
Phone: +43-2236-27551-219
Fax: +43-2236-21081
E-mail: [EMAIL PROTECTED]
Product Support: +43-2236-27551-111
Open a support case via the ISIS Support Case Order Form:
http://www.isis-papyrus.com/e/pages/forms/2/hlorderform.html
Visit the ISIS Website: http://www.isis-papyrus.com
-----------------------------------------------------------------------
This e-mail is only intended for the recipient and not legally binding.
Unauthorised use, publication, reproduction or disclosure of the content
of this e-mail is not permitted. This email has been checked for known

viruses, but ISIS accepts no responsibility for malicious or 
inappropriate content.

-----------------------------------------------------------------------

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
























					Reply via email to