was trying to set cache expiry and:
<@ASSIGN request$httpHeader VALUE="HTTP/1.1 <@HTTPSTATUSCODE> <@HTTPREASONPHRASE><@CRLF>Content-Type: text/html<@CRLF>X-Witango: <@VERSION> <@PLATFORM><@CRLF>Cache-Control: no-cache, max-age=0, must-revalidate, proxy-revalidate<@CRLF>Pragma: no-cache<@CRLF><@USERREFERENCECOOKIE><@CRLF>">
was what I set, per Scott, and kaboom goes the webstar plug-in.
(not the witango server or webstar, but the plug-in seems to crash all by itself)
On Tuesday, October 7, 2003, at 06:24 PM, Ben Johansen wrote:
Can we see an example of how your are setting the header? This can be really persnickety ;-) Not saying you are doing any wrong, just interested
Ben Johansen - http://www.pcforge.com -Authorized WiTango Reseller http://www.pcforge.com/WitangoGoodies.htm -Authorized Alt-N Reseller http://www.pcforge.com/AltN.htm
-----Original Message----- From: Roland A. Dumas [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 07, 2003 5:54 PM To: [EMAIL PROTECTED] Subject: Re: Witango-Talk: resetting userreferencecookie
ah, setting header causes plug-in crash..... (which is where I started) (and bug report form to witango has a bug in it so submit don't work)
On Tuesday, October 7, 2003, at 05:48 PM, Bill Conlon wrote:
After assigning a null string to the cookie sent it to the browser in a
custom HTTP header.
This will clear the session cookie at the client.
Presumably you will simultaneously do a 301 redirect to a login page to
cause the hijacked/tailgated user to login and obtain a valid session
cookie.
<@PURGERESULTS> <@ASSIGN cookie$Witango_UserReference VALUE=""> <@ASSIGN NAME="httpHeader" SCOPE="request" VALUE="HTTP/1.1 302 <@crlf>Location: login.taf<@crlf><@USERREFERENCECOOKIE><@SETCOOKIES><@crlf><@crlf>">
Normally you would just set the value to nothing <@ASSIGN cookie$Witango_UserReference VALUE="">
The problem here is Witango is going to place a new value in there
So you best bet is to place a value in there like <@ASSIGN cookie$Witango_UserReference VALUE="HiMom">
Ben Johansen - http://www.pcforge.com Authorized Witango & MDaemon Reseller Available for Witango Developement
-----Original Message----- From: Roland A. Dumas [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 07, 2003 12:46 PM To: [EMAIL PROTECTED] Subject: Re: Witango-Talk: resetting userreferencecookie
you can't?
I see that the altuserkey is set at <@CGIPARAM CLIENT_IP> and deleted it, figuring that it was keeping sessions alive that way, but it didn't
work.
So how do you kill a session cookie? Can you purge it?
On Tuesday, October 7, 2003, at 12:36 PM, Ben Johansen wrote:
Ok,_____________________________________________________________________ _
My post from my other server didn't make it through.
to change the Witango_UserReference cookie you can't uses the EXPIRES
because it is a session cookie
Ben Johansen
-----Original Message----- From: Roland A. Dumas [SMTP:[EMAIL PROTECTED] Sent: Tuesday, October 07, 2003 12:31 PM To: [EMAIL PROTECTED] Subject: Re: Witango-Talk: resetting userreferencecookie
Thanks I figured I should be able to set @@cookie$witango_userreference to expire and have witango server create a new one on the spot, but there seems to be something very persistent about it. jest won't die.
hmmm.. maybe Fergal knows
On Tuesday, October 7, 2003, at 12:19 PM, Ben Johansen wrote:
I have been trying with my testautocookie.taf and seeing the same thing
I have been looking at it and wanted you to know that there was someone looking at itJ
Ben Johansen - http://www.pcforge.com Authorized Witango & MDaemon Reseller Available for Witango Developement
-----Original Message----- From: Roland A. Dumas [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 07, 2003 12:11 PM To: [EMAIL PROTECTED] Subject: Witango-Talk: resetting userreferencecookie
If I try to rub out the userreference cookie thusly, it comes right back. How can I kill it and reset in the same request?
@ASSIGN name="Witango_userreference" scope=cookie value="now" expires="Tue, 07-Oct-03 00:00:00 GMT ">
______________________________________________________________________ __ TO UNSUBSCRIBE: Go to http://www.witango.com/maillist.taf << File: ATT00004.att >>
__ TO UNSUBSCRIBE: Go to http://www.witango.com/maillist.taf
_____________________________________________________________________ _
__
TO UNSUBSCRIBE: Go to http://www.witango.com/maillist.taf
_____________________________________________________________________ _
__
TO UNSUBSCRIBE: Go to http://www.witango.com/maillist.taf
Bill Conlon
To the Point 345 California Avenue Suite 2 Palo Alto, CA 94306
office: 650.327.2175 fax: 650.329.8335 mobile: 650.906.9929 e-mail: mailto:[EMAIL PROTECTED] web: http://www.tothept.com
______________________________________________________________________ _
_
TO UNSUBSCRIBE: Go to http://www.witango.com/maillist.taf
_______________________________________________________________________ _
TO UNSUBSCRIBE: Go to http://www.witango.com/maillist.taf
_______________________________________________________________________ _
TO UNSUBSCRIBE: Go to http://www.witango.com/maillist.taf
________________________________________________________________________ TO UNSUBSCRIBE: Go to http://www.witango.com/maillist.taf
