It uses the SimpleCookie.load method. we can make it more resilient at the
expense of using our own parser which would be slower. I think we should
leave this alone but I will bring this up on web2py-developers. Feel free
to join that list. It is public.
On Monday, December 3, 2012 6:36:30 PM UTC-6, Dominic Cioccarelli wrote:
>
> Ok, found the issue (probably specific to my environment). One of the
> cookies seems to be "badly formatted", specifically "lib/pb_server.py"
> (still trying to find where that one comes from).
>
> In web2py main.py, the following code will only load the cookies up to the
> bad one:
>
>
> # ##################################################
> # load cookies
> # ##################################################
>
> if env.http_cookie:
> try:
> request.cookies.load(env.http_cookie)
> except Cookie.CookieError, e:
> pass # invalid cookies
>
> Not sure whether it would be worthwhile making it more resilient?
>
> Regards,
> Dominic.
>
> On Tuesday, 4 December 2012 00:33:45 UTC+1, Dominic Cioccarelli wrote:
>>
>> Hi Massimo,
>>
>> sure, the parsing code is as follows:
>>
>> def getCookie(name):
>> cookies = self.request.env.http_cookie.split(';')
>> for cookie in cookies:
>> cookie = cookie.strip()
>> if cookie.startswith(name):
>> temp = cookie.split('=', 1)
>> return temp[1].strip('"')
>> return None
>>
>> The cookie header (partially modified for obvious reasons) is included at
>> the bottom of this post. My function can return the value of, for example,
>> "monsterCookie" which is otherwise not visible via the standard cookie
>> class.
>>
>> Regards,
>> Dominic.
>>
>> zzeuck_answ=0; SI_baq09Z0lnXXAFA8_intercept=true; OAX=UodP6FB8EyoAAAIE;
>> ab-test=A; UPS_AnonymousID=hJA3HAAAMhYXK; zzdddc=37;
>> com_zz_jumpid=em_r11999_au/au/hho/pps/eppint-id999-12cw42_em_edm_pu_login_pd/employee-offer_str/20121019;
>>
>> uid=D+CoIlCJtIOVpgdbDp1vAg==; SI_ai2DPVK1I1MVhFG_intercept=true;
>> s_pers=%20s_vnum%3D1437515522943%2526vn%253D2%799937515522943%3B%20s_invisit%3Dtrue%7C1399941895778%3B%20s_visit%3D1%999351941895781%3B%20aVc1%3D1%7C1351941895784%3B%20s_MC%3D1%7C9994532095788%3B%20s_LrI%3D1%7C1354532095790%3B;
>>
>> ATZZ_COOKIE=prefCountry%3DDE|prefViewGlobalContent%3D0|prefLang%3Dde;
>> ATZZ_RETURN_URL=
>> http://itsupport.zz.com/portal/site/sg/documentdetail?docid=KM0XXXXX;
>> internalwikidb_mw__session=4hv22njzzzfbq0bdigxxxultp5;
>> wikidb_mw__session=pxxxr0mvu84gja3srs7aobjsl0;
>> Remember_me=3ac1c95e346d26150a963eb8225909eb36a536f6e10a3d7df56f12bxxx3ea424a02c853f69b69fcb;
>>
>> wikidb_mw_UserID=4055; wikidb_mw_UserName=bozo.hound%40zz.com;
>> wikidb_mw_Token=eac777e6fcb2xxx38ac008874e656dcb;
>> session_id_hotfixdb=199.195.185.83-570b5331-a11a-416a-9c81-393145fe1c4a;
>> ovrd_last_page=https%3A//
>> support.frogcompanydingo.zz.com/casemanager/case/SD00160439;
>> lib/pb_server.py.session_id=4tuumlSfG16/4vJFNhwBKFHkHf4=; lang=en; cc=GB;
>> OVRD_Cookie=editprofiletimestamp=1121122000044Z;
>> CL_Cookie=?UTF-8?B?cHJlZmVycmVkbGFXXXVhZ2U9ZW58aHBjbG5hbWU9ZGNpb2NjYXJ8aHBjbGlkbnVtYmVyPTJhYTI1ZDUyMWQ0MGUyYjU5OTJhYWI3N2QyNGRlODY3fGhwcmVzaWRlbnRjb3VudHJ5Y29kZT1BVXxzbj1DaW9jY2FyZWxsaXxnaXZlbm5hbWU9RG9taW5pY3xlbWFpbD1kb21pbmljLmNpb2NjYXJlbGxpQGhwLmNvbXxjcmVhdGV0aW1lc3RhbXA9MjAwMi0wNC0xNyAwMjozNDo1NHxtb2RpZnl0aXXXc3RhbXA9MjAxMi0xMC0xNSAxMzo1MTo1NXxjbGFuZz1BVS1lbg==;
>>
>> c_lang=?UTF-8?B?TEFXXX9DT0RF; clang=?UTF-8?B?QVUtZW4=;
>> ovrdtarget=?UTF-8?B?aHR0cXXXLy9zdXBwb3J0Lm9wZW52aWV3LmhwLmXXXS9lbnRpdGxlbWVudC9jc3MvY29udHJhY3RzXXXzcw==;
>>
>> internalwikidb_mw_UserID=73; internalwikidb_mw_UserName=bozo.hound%
>> 40zz.com; internalwikidb_mw_Token=951621afe99965XXXfb3daf6ac7ba405;
>> s_sv_sid=999905932487; zzeuck_prefs=1111;
>> com_zz_hope=g**H**v**2**r**2**s**1999922368246**x**1920x1080**m**h%7C0%7C0%7C0%3Xo%7C19%7C0%7C0%3Ba%7C1%7C0%7C0**t**0%3Aa%7C3%7C0%7C0%3A12454%3Aa%7C1%7C0%7C0**l**0;
>>
>> has_js=1; prop12=r10978; EMID=; s_cc=true;
>> s_sq=zzhqintraatzzintranetportaltest%3D%2526pid%253AAAZZ%252520%25257C%252520Home%252520%2526pidt%253D1%2526oid%253Dhttps%25253A%252F%
>> 252Fwww.rooms.zz.com%252Fsignin.aspx%2526ot%253DA;
>> s_vi=[CS]v1|28316ZZZ850125E4-40000109990D67EF[CE]; cert_auth_cookie=1;
>> auth_level_cookie=15; zzGlobalID=ZZKRML;
>> zzEmail="[email protected]<javascript:>";
>> cn="Bozo Hound"; givenName=Bozo; sn=Hound; employeenumber=00527999;
>> bozo=bozo;
>> monsterCookie="MRXW22LONFRS4Y3JN5RWGYLSMVWGY2XXXBYC4Y3PNURUI33NNFXGSYZAINUW6Y3DMFZGK3DMNERUI33NNFXGSYZDINUW6Y3DMFZGK3DMNERTAMBVGI3TKMJWENNFUS2SJXXX====";
>>
>> session_id_admin=199.195.185.82-25582396-caaa-4308-bad3-337c7bebc5a4;
>> SMSESSION=lg2mNpwEqQXu6awvaMRd7TJ7eFkmZZooPo696vmiKVan8XXXXmy3dfJxEmW3EQi33eaY+Na0i2CW++0aL22gKdLzj0ysUiySOuyA/i/cAtqU+0kg+PQ1OpiHWHd8MUE3xRxUntHzjGjDU09Vc8AkCmGlUJrP25jj+NeWVGq+f5RK8NCqYOmkAaCF/8bfCJR3CUWRtmK5Y1P6ASnh/qq1kimo60elp6RSeXnFgUyb3Ch1doR+HG9x31+wY/z2uTaU+N8FvPtuFiHb5qE2zF4JpH8UE9hY4S5yTcLH1eerGBUkjc0JxdiGuJattoLn4hs9Ied/VjkBkri4hMvuHhAAAAAtOJ0oiA+O8/3sbBDg3fxwQk7+sGePGS42MWS03zwN7XzziUNkxY9ICrdqordHrhXw70nEh129GVyt3t45WHICw/HWo4+vPFqrVhZBJWjHj7w0nn/765buuyHXl8E93EpSC3/e7Va1ZN0b2Evw5OqRJ3LnSDPkSeYxczUowPa2sKxLNE/UasQdDl2okTj0do2v5TM1hscf9qEJxSxd31ktERwYiLY/nE3IbFHo2q66dYijPLoWy1UycmOssrnxmSfPW6ixIF6aBhVJ9x9L46j+H9F3tRyFD5IUOYJ+a6Su0uFlLsY0NuJy7gT5fac+7QH2AAALhE8sYXmqniLSlks+JPe1vUX0+QNeVo2H/AwMRMhibrl8dVYWr4kss+FquvP0X4WzcjBkkU8slkH+vSEkgwSudwYBHuAnPhoOCPPHFSBfkr6VvfFv5Dgmzk/az9kHxe/3oXDbe7f4hnhrV/Fmj2PgiiB+PDnDDdLAszoD51KQVD1ZO23/250cYXLnND48NjwOyb8ZJxbGucYPPXseLJikq6BcasjlXaOTkudULEHWxHBZbuCGt+pdq0UH5uYKFSfA71a/7djmSt7XcxLvHaQgy6YqHVfdXetLCXZZs82fTHjPhqxUjgjfYIjw641/+04iWetf9NIZDzeceo4pKdNB89/hPuG5U4LRdmcTcEMNIPhSUX3T8u4l2gVvtOzsVarhHL0B6siwFiAXPiw23QbrKK4/ZnECKKc3QLOw;
>>
>> session_id_m3t=199.195.185.82-50aaa5a5-aa99-4873-a3aa-57ba1d1932d8
>>
>>
>> On Monday, 3 December 2012 22:52:04 UTC+1, Massimo Di Pierro wrote:
>>>
>>> Can you post your cookie parsing code? It would help us understand the
>>> problem.
>>>
>>> On Monday, 3 December 2012 15:28:12 UTC-6, Dominic Cioccarelli wrote:
>>>>
>>>> Hi all,
>>>>
>>>> I have discovered an issue with the way web2py treats the "cookies"
>>>> header. Specifically, when the header grows bigger than a certain size,
>>>> web2py doesn't retrieve all the required cookies for the domain in
>>>> question.
>>>>
>>>> In my case, the application is running on an intranet for a rather big
>>>> company. This means that many cookies are potentially available to an
>>>> application (those that are stored at the domain level) meaning that the
>>>> length of the overall cookies header grows.
>>>>
>>>> If I iterate over all the headers in Java (JSP) I get a complete set.
>>>> If I then redirect to a web2py application, I only get the first x headers
>>>> (where x is dependant of the previous cookie's lengths). The *
>>>> request.env.http_cookie* variable is complete however.
>>>>
>>>> Whilst I've managed to code around this issue (by writing my own
>>>> cookie retrieval function that parses request.env.http_cookie) there
>>>> is a problem with the inbuilt session management code as it uses the
>>>> underlying (broken) cookie code to store the session ID.
>>>>
>>>> I haven't had a chance to look at the source code for cookie management
>>>> in web2py but wanted to check whether anyone else had experienced this
>>>> issue?
>>>>
>>>> Regards,
>>>> Dominic.
>>>>
>>>>
>>>>
>>>>
--
