<@ASSIGN request$httpHeader VALUE="HTTP/1.1 <@HTTPSTATUSCODE><@HTTPREASONPHRASE><@CRLF>Content-Type: texthtml<@CRLF>X-Witango:<@VERSION> <@PLATFORM><@CRLF>Cache-Control: no-cache, max-age=0,must-revalidate, proxy-revalidate<@CRLF>Pragma:no- cache<@CRLF><@USERREFERENCECOOKIE><@CRLF>">
(without the CRs that the mail program introduces) crashes webstar plug in.
thanks. I'm going to add in Scott's one at a time to isolate the demon.
On Tuesday, October 7, 2003, at 11:40 PM, Ben Johansen wrote:
Ok Here is a brute force taf Ok I sent it in taf form because these things are so sensitive to extra spaces and crlfs it was just easier
Note: taf is in T2k if you want to using it in v5 then change the header to
set
Witango_UserReference instead of Tango_UserReference
and save it out in v5.
Give this a try
--Within the <pre below is the output of this taf-- <pre>
HTTP/1.1 200 OK Server: Microsoft-IIS/4.0 Date: Wed, 08 Oct 2003 06:37:58 GMT Connection: close Set-Cookie: Tango_UserReference=HiTher; path=/; Cache-Control: no-cache Cache-Control: post-check=0,pre-check=0 Cache-Control: max-age=0 Pragma: no-cache Content-Type: text/html
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> <HTML> <HEAD> <TITLE>Test UR Blank</TITLE> </HEAD> <BODY> <H2 ALIGN=LEFT>Test UR Blank</H2> </BODY> </HTML>
</pre>
Ben Johansen - http://www.pcforge.com -Authorized WiTango Reseller http://www.pcforge.com/WitangoGoodies.htm -Authorized Alt-N Reseller http://www.pcforge.com/AltN.htm
-----Original Message----- From: Roland A. Dumas [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 07, 2003 6:34 PM To: [EMAIL PROTECTED] Subject: Re: Witango-Talk: resetting userreferencecookie
Hey, I'll readily admit that I'm doing something wrong. That's usually the easiest path:
was trying to set cache expiry and:
<@ASSIGN request$httpHeader VALUE="HTTP/1.1 <@HTTPSTATUSCODE> <@HTTPREASONPHRASE><@CRLF>Content-Type: text/html<@CRLF>X-Witango: <@VERSION> <@PLATFORM><@CRLF>Cache-Control: no-cache, max-age=0, must-revalidate, proxy-revalidate<@CRLF>Pragma: no-cache<@CRLF><@USERREFERENCECOOKIE><@CRLF>">
was what I set, per Scott, and kaboom goes the webstar plug-in. (not the witango server or webstar, but the plug-in seems to crash all by itself)
On Tuesday, October 7, 2003, at 06:24 PM, Ben Johansen wrote:
Can we see an example of how your are setting the header? This can be really persnickety ;-) Not saying you are doing any wrong, just interested
Ben Johansen - http://www.pcforge.com -Authorized WiTango Reseller http://www.pcforge.com/WitangoGoodies.htm -Authorized Alt-N Reseller http://www.pcforge.com/AltN.htm
-----Original Message----- From: Roland A. Dumas [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 07, 2003 5:54 PM To: [EMAIL PROTECTED] Subject: Re: Witango-Talk: resetting userreferencecookie
ah, setting header causes plug-in crash..... (which is where I started) (and bug report form to witango has a bug in it so submit don't work)
On Tuesday, October 7, 2003, at 05:48 PM, Bill Conlon wrote:
After assigning a null string to the cookie sent it to the browser in a custom HTTP header.
This will clear the session cookie at the client.
Presumably you will simultaneously do a 301 redirect to a login page to cause the hijacked/tailgated user to login and obtain a valid session cookie.
<@PURGERESULTS> <@ASSIGN cookie$Witango_UserReference VALUE=""> <@ASSIGN NAME="httpHeader" SCOPE="request" VALUE="HTTP/1.1 302 <@crlf>Location: login.taf<@crlf><@USERREFERENCECOOKIE><@SETCOOKIES><@crlf><@crlf>">
Normally you would just set the value to nothing <@ASSIGN cookie$Witango_UserReference VALUE="">
The problem here is Witango is going to place a new value in there
So you best bet is to place a value in there like <@ASSIGN cookie$Witango_UserReference VALUE="HiMom">
Ben Johansen - http://www.pcforge.com Authorized Witango & MDaemon Reseller Available for Witango Developement
-----Original Message----- From: Roland A. Dumas [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 07, 2003 12:46 PM To: [EMAIL PROTECTED] Subject: Re: Witango-Talk: resetting userreferencecookie
you can't?
I see that the altuserkey is set at <@CGIPARAM CLIENT_IP> and deleted
it, figuring that it was keeping sessions alive that way, but it
didn't
work.
So how do you kill a session cookie? Can you purge it?
On Tuesday, October 7, 2003, at 12:36 PM, Ben Johansen wrote:
____________________________________________________________________ _Ok, My post from my other server didn't make it through. to change the Witango_UserReference cookie you can't uses the EXPIRES because it is a session cookie
Ben Johansen
-----Original Message----- From: Roland A. Dumas [SMTP:[EMAIL PROTECTED] Sent: Tuesday, October 07, 2003 12:31 PM To: [EMAIL PROTECTED] Subject: Re: Witango-Talk: resetting userreferencecookie
Thanks I figured I should be able to set @@cookie$witango_userreference to expire and have witango server create a new one on the spot, but there seems to be something very persistent about it. jest won't die.
hmmm.. maybe Fergal knows
On Tuesday, October 7, 2003, at 12:19 PM, Ben Johansen wrote:
I have been trying with my testautocookie.taf and seeing the same thing
I have been looking at it and wanted you to know that there was someone looking at itJ
Ben Johansen - http://www.pcforge.com Authorized Witango & MDaemon Reseller Available for Witango Developement
-----Original Message----- From: Roland A. Dumas [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 07, 2003 12:11 PM To: [EMAIL PROTECTED] Subject: Witango-Talk: resetting userreferencecookie
If I try to rub out the userreference cookie thusly, it comes right
back. How can I kill it and reset in the same request?
@ASSIGN name="Witango_userreference" scope=cookie value="now" expires="Tue, 07-Oct-03 00:00:00 GMT ">
_
_____________________________________________________________________ __ TO UNSUBSCRIBE: Go to http://www.witango.com/maillist.taf << File: ATT00004.att >>
_
__ TO UNSUBSCRIBE: Go to http://www.witango.com/maillist.taf
____________________________________________________________________ _
_
__
TO UNSUBSCRIBE: Go to http://www.witango.com/maillist.taf
____________________________________________________________________ _
_
__
TO UNSUBSCRIBE: Go to http://www.witango.com/maillist.taf
Bill Conlon
To the Point 345 California Avenue Suite 2 Palo Alto, CA 94306
office: 650.327.2175 fax: 650.329.8335 mobile: 650.906.9929 e-mail: mailto:[EMAIL PROTECTED] web: http://www.tothept.com
_____________________________________________________________________ _
_
_
TO UNSUBSCRIBE: Go to http://www.witango.com/maillist.taf
______________________________________________________________________ _
_
TO UNSUBSCRIBE: Go to http://www.witango.com/maillist.taf
______________________________________________________________________ _
_
TO UNSUBSCRIBE: Go to http://www.witango.com/maillist.taf
_______________________________________________________________________ _
TO UNSUBSCRIBE: Go to http://www.witango.com/maillist.taf
_______________________________________________________________________ _
TO UNSUBSCRIBE: Go to http://www.witango.com/maillist.taf<TestURBlank.taf>
________________________________________________________________________ TO UNSUBSCRIBE: Go to http://www.witango.com/maillist.taf
