Jun,
After some additional review of the cookies in my environment, I believe
that the presence of forward slashes or spaces in the values of cookies is
what is causing the issue that I am seeing.  When I manually remove each
cookie that contained any spaces or forward slashes in the value of the
cookie from my browser session, the login redirect loop stops and Trac
behaves normally, until these cookies come back via accessing a
university-wide ERP system.

The attached text file contains a slightly obfuscated set of my cookies,
with several of the values replaced with X's.  I believe that any cookie
with a value that contains any of the "invalid characters" for cookie
names, as mentioned here https://docs.python.org/3/library/http.cookies.html
is causing this failure to parse any of the cookies in my session.

In case it helps, my Trac environment will be running on the domain of
test.prvt.controller.iu.edu.  The cookies from our ERP system all have a
domain of .iu.edu.  Lastly, I have just opened
https://trac.edgewall.org/ticket/13876 for this issue.  Thanks again for
your help!

Chris

On Fri, Mar 7, 2025 at 2:29 PM Jun Omae <jun6...@gmail.com> wrote:

> On 2025/03/08 0:02, Chris Shelton wrote:
> > Jun,
> >
> > Thank you for your response.  I just tried your quick fix, and
> > unfortunately I am still seeing the login redirection errors when I have
> > the additional cookies present from the higher level domain.
> >
> > I think that python3 SimpleCookie and/or BaseCookie are also failing to
> > parse anything when any cookie has an invalid character present, such as a
> > double quote, comma, semicolon or backslash.  Would it be possible to
> > rework the actual cookie parsing code to avoid the use of SimpleCookie or
> > BaseCookie for processing cookies received from the browser?
> >
> > Chris
>
> Could you please share your cookies, masking any sensitive information
> such as session ids? I'd like to clarify what's causing the issue.
>
> According to your investigation, you said that it is caused by the unnamed
> cookies. So the patch tries to remove such unnamed cookies, but it
> doesn't seem to have caused the issue.
>
> --
> Jun Omae <jun6...@gmail.com> (大前 潤)

[{"domain":"test.prvt.controller.iu.edu","hostOnly":true,"httpOnly":true,"name":"trac_form_token","path":"/trac","sameSite":"unspecified","secure":true,"session":true,"storeId":"0","value":"dc7e6d080dfdXXXXXXX"},{"domain":"test.prvt.controller.iu.edu","expirationDate":1749225465.111301,"hostOnly":true,"httpOnly":true,"name":"trac_session","path":"/trac","sameSite":"unspecified","secure":true,"session":false,"storeId":"0","value":"53dd95a589XXXXXXXXXX"},{"domain":".test.prvt.controller.iu.edu","hostOnly":false,"httpOnly":true,"name":"trac_auth","path":"/","sameSite":"unspecified","secure":true,"session":true,"storeId":"0","value":"c8aea0d4909XXXXXXXXXXXXXXXXXX"},{"domain":".iu.edu","hostOnly":false,"httpOnly":false,"name":"dtCookie","path":"/","sameSite":"unspecified","secure":false,"session":true,"storeId":"0","value":"v_4_srv_3_sn_703D6F8A8CF7CXXXXXXXXXXXXXXXX440_perc_100000_ol_0_mul_1_app-3Aea7c4bXXXXXXeb_1"},{"domain":".iu.edu","hostOnly":false,"httpOnly":false,"name":"psback","path":"/","sameSite":"strict","secure":true,"session":true,"storeId":"0","value":"%22%22url%22%3A%22https%3A%2F%2Fhrms.iu.edu%2Fpsc%2FPH1PRD%2FEMPLOYEE%2FHRMS%2Fc%2FPY_EMPL_FL.PY_IC_PAY_INQ_FLU.GBL%3Fpage%3DPY_IC_PI_LIST_FLU%22%20%22label%22%3A%22Pay%22%20%22origin%22%3A%22PIA%22%20%22layout%22%3A%221%22%20%22refurl%22%3A%22https%3A%2F%2Fhrms.iu.edu%2Fpsc%2FPH1PRD%2FEMPLOYEE%2FHRMS%22%22"},{"domain":"test.prvt.controller.iu.edu","hostOnly":true,"httpOnly":true,"name":"MOD_AUTH_CAS_PRVT_CTRO","path":"/","sameSite":"unspecified","secure":true,"session":true,"storeId":"0","value":"51cbffc74af81d5eXXXXXXXXXX"},{"domain":".iu.edu","hostOnly":false,"httpOnly":true,"name":"SignOnDefault","path":"/","sameSite":"strict","secure":true,"session":true,"storeId":"0","value":""},{"domain":".iu.edu","hostOnly":false,"httpOnly":true,"name":"lcsrftoken","path":"/","sameSite":"strict","secure":true,"session":true,"storeId":"0","value":"wwttR2UDu7yDIAXXXXXXXXXXXXXXXXXXXXX="},{"domain":".iu.edu","hostOnly":fa
lse,"httpOnly":true,"name":"PH1PRD-443-WebLogicSession","path":"/","sameSite":"unspecified","secure":false,"session":true,"storeId":"0","value":"TcN2eB3YKtiXXXXXXXXXXXXLiNIh!268603546"},{"domain":".iu.edu","hostOnly":false,"httpOnly":true,"name":"PS_LASTSITE","path":"/","sameSite":"strict","secure":true,"session":true,"storeId":"0","value":"https://hrms.iu.edu/psp/PH1PRD/"},{"domain":".iu.edu","hostOnly":false,"httpOnly":true,"name":"ExpirePage","path":"/","sameSite":"strict","secure":true,"session":true,"storeId":"0","value":"https://hrms.iu.edu/psp/PH1PRD/"},{"domain":".iu.edu","hostOnly":false,"httpOnly":true,"name":"PS_TokenSite","path":"/","sameSite":"strict","secure":true,"session":true,"storeId":"0","value":"https://hrms.iu.edu/psp/PH1PRD/?PH1PRD-443-WebLogicSession"},{"domain":".iu.edu","hostOnly":false,"httpOnly":false,"name":"PS_LOGINLIST","path":"/","sameSite":"strict","secure":true,"session":true,"storeId":"0","value":"https://hrms.iu.edu/PH1PRD"},{"domain":".iu.edu","hostOnly":false,"httpOnly":true,"name":"PS_TOKEN","path":"/","sameSite":"strict","secure":true,"session":true,"storeId":"0","value":"pAAAAAQDAgEBAAAAvAIAXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXwuOXZ8ZYGS6CWdIldYsCIfzpZDG1qHT0ePndMC3s="},{"domain":".iu.edu","expirationDate":1741450540.048261,"hostOnly":false,"httpOnly":false,"name":"https%3a%2f%2fhrms.iu.edu%2fpsp%2fph1prd%2femployee%2fhrms%2frefresh","path":"/","sameSite":"strict","secure":true,"session":false,"storeId":"0","value":"list:
 
%3ftab%3ddefault|%3frp%3ddefault|%3ftab%3donboarding|%3frp%3donboarding|%3ftab%3dremoteunifieddashboard|%3frp%3dremoteunifieddashboard"},{"domain":".iu.edu","hostOnly":false,"httpOnly":false,"name":"ps_theme","path":"/","sameSite":"strict","secure":true,"session":true,"storeId":"0","value":"node:HRMS
 portal:EMPLOYEE theme_id:IU_DEFAULT_THEME_FLUID 
css:PT_BRAND_CLASSIC_TEMPLATE_860 css_f:PT_BRAND_FLUID_TEMPLATE_860 
accessibility:N macroset:IU_DEFAULT_MACROSET_860 formfactor:3 
piamode:2"},{"domain":".iu.edu","expirationDate":1776009350.445705,"hostOnly":false,"httpOnly":false,"name":"PS_DEVICEFEATURES","path":"/","sameSite":"strict","secure":true,"session":false,"storeId":"0","value":"width:3440
 height:1440 pixelratio:1 touch:0 geolocation:1 websockets:1 webworkers:1 
datepicker:1 dtpicker:1 timepicker:1 dnd:1 sessionstorage:1 localstorage:1 
history:1 canvas:1 svg:1 postmessage:1 hc:0 
maf:0"},{"domain":".iu.edu","hostOnly":false,"httpOnly":false,"name":"PS_TOKENEXPIRE","path":"/","sameSite":"strict","secure":true,"session":true,"storeId":"0","value":"08_Mar_2025_15:56:02_GMT"},{"domain":"test.prvt.controller.iu.edu","hostOnly":true,"httpOnly":true,"name":"trac_auth","path":"/","sameSite":"unspecified","secure":true,"session":true,"storeId":"0","value":"e99899035aaceXXXXXXXXXXXXX4"}]
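
Added example, not part of the original thread and not Trac's code or the fix from the ticket: it shows Python's `http.cookies.SimpleCookie` discarding every cookie in a `Cookie` header when one parent-domain cookie value contains spaces, next to a tolerant parser that still recovers the application's own cookies. The header is constructed from names in the attachment above; `tolerant_parse`, its `wanted` parameter and the first-occurrence-wins policy are assumptions made for this example.

```python
from http.cookies import SimpleCookie

# Constructed Cookie header modelled on the attachment: cookies scoped to a
# parent domain are sent to every subdomain, so they arrive alongside the
# application's own cookies. One of them has spaces in its value.
HEADER = (
    "trac_auth=c8aea0d4909X; "
    "ps_theme=node:HRMS portal:EMPLOYEE theme_id:IU_DEFAULT_THEME_FLUID; "
    "PS_LASTSITE=https://hrms.iu.edu/psp/PH1PRD/; "
    "trac_session=53dd95a589X"
)


def stdlib_names(header):
    """Cookie names SimpleCookie yields for a header string.

    SimpleCookie validates the whole string before applying any of it, so a
    single part that fails its grammar makes it drop every cookie.
    """
    return sorted(SimpleCookie(header).keys())


def tolerant_parse(header, wanted=None):
    """Hypothetical helper: split on ';' and on the first '=' only.

    Malformed or nameless pairs are skipped instead of aborting the parse.
    If `wanted` is given, only those cookie names are returned, so values
    set by other applications never reach the caller.
    """
    cookies = {}
    for pair in header.split(";"):
        name, sep, value = pair.partition("=")
        name, value = name.strip(), value.strip()
        if not sep or not name:
            continue  # no '=' or empty name: ignore this pair, keep going
        if wanted is not None and name not in wanted:
            continue
        if len(value) >= 2 and value[0] == value[-1] == '"':
            value = value[1:-1]  # strip one pair of surrounding quotes
        cookies.setdefault(name, value)  # example policy: first one wins
    return cookies


if __name__ == "__main__":
    print("SimpleCookie:", stdlib_names(HEADER))
    print("tolerant    :", tolerant_parse(HEADER, {"trac_auth", "trac_session"}))
```
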