Closed
Bug 138489
Opened 23 years ago
Closed 23 years ago
cookies getting lost when space appears in domain= attribute
Categories
(Core :: Networking: Cookies, defect, P2)
Tracking
()
RESOLVED
FIXED
mozilla1.1beta
People
(Reporter: bear_phillips, Assigned: morse)
References
Details
Attachments
(1 file)
|
1.21 KB,
patch
|
samir_bugzilla
:
review+
alecf
:
superreview+
chofmann
:
approval+
|
Details | Diff | Splinter Review |
I just upgraded to 1.0 RC 1. My site uses apache/mod_perl/auth_cookie for
authentication. When logging in, the site sets three cookies. I turned on
cookie notification and it pops up three times, but only the first two cookies
are set. I don't have this problem with IE or Mozilla 9.9.
I tried setting cookies with a simple perl script using cgi.pm but couldn't
reproduce the problem. If it helps, the piece of perl code in auth_cookie.pm
that sets the cookies looks like:
$r->err_headers_out->add("Set-Cookie" => $cookie);
$r->err_headers_out->add("Set-Cookie" => $cookie2);
$r->err_headers_out->add("Set-Cookie" => $cookie3);
thanks
chad
|
||
Comment 1•23 years ago
|
||
Please read the bug writing guidelines. Can we have a testcase please ? At least the URL of a site we can check against.
|
Reporter | |
Comment 2•23 years ago
|
||
Sorry about not leaving more info. Here is the test case http://members.aafp.org/members/junk.html Just leave everything blank and hit "Enter the Site" Using mozilla 9.9 I get these cookies: Domain Cookie Name aafp.org aafpid aafp.org Auth::AuthCookieHandler_WhatEver members.aafp.org Auth::AuthCookieHandler_WhatEver members.aafp.org Using mozilla 1.0 rc1 I get these cookies: Domain Cookie Name aafp.org Auth::AuthCookieHandler_WhatEver members.aafp.org Auth::AuthCookieHandler_WhatEver members.aafp.org The cookie named aafpid is not being stored when I use 1.0 rc1. thanks chad gphillip@aafp.org
|
||
Comment 3•23 years ago
|
||
On Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.0rc1) Gecko/20020419 I also only get the latter set of cookies. I have not checked if this is correct, though. But if so, it seems to be OS=ALL. pi
|
||
Comment 4•23 years ago
|
||
-> cookies
Assignee: Matti → morse
Component: Browser-General → Cookies
QA Contact: imajes-qa → tever
|
|
Reporter | |
Comment 5•23 years ago
|
||
I found why this is occuring. When my server sets the cookie it uses mod_perl and
$r->err_headers_out->add("Set-Cookie" => $cookie);
The $cookie contained "aafpid=7160134; path=/; domain= .aafp.org; "
Notice the extra space between domain= and .aafp.org. I took out the space and
now Mozilla 1.0rc1 picks it up fine. With the space, Mozilla 1.0 would drop the
cookie. Mozilla .99 and earlier and IE were more forgiving had no problems with
the space.
Anyway, I not sure if this should be considered a Mozilla bug.
|
Assignee | |
Comment 6•23 years ago
|
||
Yes, it should be considered as a mozilla bug since it's something we can easily fix and something that IE handles correctly. However, now that the cause is known, I would no longer consider it as major.
Severity: major → normal
Status: UNCONFIRMED → ASSIGNED
Ever confirmed: true
Target Milestone: --- → mozilla1.0.1
|
|
Reporter | |
Comment 7•23 years ago
|
||
I made a test case for this. It is at http://members.aafp.org/cgi-bin/test.pl I should set a cookie with this: name=mozilla value=test domain= .aafp.org With the 4-17 build, the cookie does not get set because of the extra space in the domain name. thanks chad
|
|
Assignee | |
Updated•23 years ago
|
Target Milestone: mozilla1.0.1 → mozilla1.1alpha
|
|
Assignee | |
Updated•23 years ago
|
Summary: cookies getting lost → cookies getting lost when space appears in domain= attribute
|
|
Assignee | |
Updated•23 years ago
|
Priority: -- → P2
Target Milestone: mozilla1.1alpha → mozilla1.1beta
|
|
Assignee | |
Comment 8•23 years ago
|
||
Unable to use either of the posted examples cited in this report. So, instead,
here is an example that demonstrates the problem:
<html>
<body>
<script>
document.cookie = "a=b;domain= .netscape.com";
</script>
</body>
</html>
and upload this to some user account in my.webpage.com (of course you need
to open a free netscape account first). Alternately you can upload this to any
server of your choice and change the " .netscape.com" in the example above to
reflect the domain of your server.
To demonstrate this test, bring up the page in the browser and then use the
cookie manager to see if the cookie gets set. It should, but due to this bug it
is not getting set.|
|
Assignee | |
Comment 9•23 years ago
|
||
|
||
Comment 10•23 years ago
|
||
Comment on attachment 90565 [details] [diff] [review] remove leading spaces in domain attribute sr=alecf
Attachment #90565 -
Flags: superreview+
|
||
Comment 11•23 years ago
|
||
Comment on attachment 90565 [details] [diff] [review] remove leading spaces in domain attribute r=sgehani
Attachment #90565 -
Flags: review+
|
|
Assignee | |
Comment 12•23 years ago
|
||
Checked in on trunk.
Status: ASSIGNED → RESOLVED
Closed: 23 years ago
Resolution: --- → FIXED
|
||
Comment 13•23 years ago
|
||
Comment on attachment 90565 [details] [diff] [review] remove leading spaces in domain attribute a=chofmann for 1.0.1, if there are any addtional test cases or side effects that can be tested for lets get them in this bug. add the fixed1.0.1 keyword after checking into the branch.
Attachment #90565 -
Flags: approval+
|
|
||
Updated•23 years ago
|
Keywords: mozilla1.0.1+
|
||
Comment 14•22 years ago
|
||
If this can be checked in ASAP for 1.0 branch it could still make 1.0.1 Approved for branch on 7/11
|
|
Assignee | |
Comment 15•22 years ago
|
||
It's not been checked into the branch because it never received adt approval.
You need to log in
before you can comment on or make changes to this bug.
Description
•