Closed
Bug 165681
Opened 22 years ago
Closed 22 years ago
Unable to received cookie from a https web site
Categories
(Tech Evangelism Graveyard :: Other, defect)
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: Pascal.Kreyer, Assigned: nikolai)
References
()
Details
(Whiteboard: user: bugzilla pass: mozilla2)
Attachments
(1 file)
|
15.60 KB,
application/x-gzip
|
Details |
Unable to received any cookies from this site :
https://webmail.bluewin.ch/sslindex_e.html
on this Web browser :
Mozilla 1.1b / Solaris Sparc / Gecko 20020828
Mozilla 1.1b / Windows 2000 / Gecko 20020829
|
||
Comment 1•22 years ago
|
||
Site says cookie is invalid, no idea why. The error message is generated by the
server.
Using Linux 2002-08-29-08.
Whiteboard: user: bugzilla pass: mozilla2
|
||
Comment 2•22 years ago
|
||
How about some steps to reproduce? Just loading that page works fine....
|
|
||
Comment 3•22 years ago
|
||
Steps to reproduce:
1. Goto https://webmail.bluewin.ch/sslindex_e.html
2. Fill in for E-Mail name: bugzilla
3. Fill in for Password: mozilla2
4. Click SSL Login
Actual Results:
Page that says invalid cookie
Expected Results:
Page showing inbox of webmail?
|
|
||
Comment 4•22 years ago
|
||
confirmed on linux too... The site sets a cookie with a Path; I suspect that's
the root of the problem here.
Status: UNCONFIRMED → NEW
Ever confirmed: true
|
||
Comment 5•22 years ago
|
||
Based on boris' comment about the path, this is probably a consequence of bug
155083. If someone can post the set-cookie header showing what was specified in
the path attribute along with the URL at which the set-cookie header was issued,
we can know for sure.
|
|
||
Comment 6•22 years ago
|
||
Assigning to evangelism assuming it is a problem with a bad path attribute. If
that is not the case, then please assign back to me.
Component: Cookies → Europe: East
Product: Browser → Tech Evangelism
Version: other → unspecified
|
|
||
Comment 7•22 years ago
|
||
And really reassigning this time.
Assignee: morse → prokosch
QA Contact: tever → momoi
|
|
||
Comment 8•22 years ago
|
||
How can I see from the nsHttp:5 log from what URL the Set-Cookie is? If it's the
request above the Set-Cookie (guessing here), then the URL is
https://smail.bluewin.ch/cgi-bin/slogin.cgi.
I see Set-Cookie 3 times in the same server response:
(nsHttpTransaction::ParseLine)
Set-Cookie:
PHXID=22DD233BF37468766E134664ECCA27A9070C01EB;Domain=.bluewin.ch;Path=/file
Set-Cookie:
PHXID=22DD233BF37468766E134664ECCA27A9070C01EB;Domain=.bluewin.ch;Path=/mail
(http response)
Set-Cookie:
PHXID=22DD233BF37468766E134664ECCA27A9070C01EB;Domain=.bluewin.ch;Path=/file
PHXID=22DD233BF37468766E134664ECCA27A9070C01EB;Domain=.bluewin.ch;Path=/mail
|
|
||
Comment 9•22 years ago
|
||
The URL is the one that the http request was made to. If indeed it is
https://smail.bluewin.ch/cgi-bin/slogin.cgi
then the path for the request is /cgi-bin. And the response is attempting to
set a cookie for the path /file or /mail. That is in violation of RFC2109, so
that is why the cookie is being refused.
That is exactly the situation that the patch in bug 155083 is detecting. The
issue is an error on the part of this server. If there are only a few
relatively unimportant servers involved, then the problem should be fixed by
evangelism. If, on the other hand, we determine that there are many servers
involved, or that there are some very important servers involved, then we will
back out the fix for bug 155083 and acknowledge that we (along with all the
other major browsers) are not in conformance with RFC2109 on this point.
|
|
||
Comment 10•22 years ago
|
||
About the URL: I was confused by the different numbers for reading and writing.
In the log all reads are prefixed with "1026[8127cc8]"; writes with
"1024[80883b8]". I wasn't certain how you could connect the response with the
request.
Now I see that the request uses a nsHttpTransaction id and that id is also used
with the response. So I gave the correct URL.
Just to be sure, I'm attaching the gziped nsHttp:5 log
|
||
Comment 11•22 years ago
|
||
1. It shows the same problem under Win2k trunk build 2002092308 .
2. I have a problem like this one.
With the latest Trunk Builds incl. Build-ID 2002092308 I get an error showing
that the Cookies are disabled in my browser but I enabled all Cookies and get no
difference with it.
The URL is at german "Deutsche Bank"
https://banking.db24.de/mod/WebObjects/db24
(there is a link to an english version of the page on the upper left)
|
||
Comment 12•22 years ago
|
||
Unable to access a site called http://webmail.netzero.net
I can login to these site using any browser other than Mozilla 1.2a.
This site also uses some Path and it seems Mozilla is not able to handle
that properly.
|
|
||
Comment 13•22 years ago
|
||
Doer, Kanishka,
Please open separate bug reports for your comments 11 and 12. These are
different sites and would have to be evangelised separately.
|
|
||
Comment 14•22 years ago
|
||
OK, I see that kanishka already opened bug 171139 for the problem with
http://webmail.netzero.net (comment 12).
|
|
||
Comment 15•22 years ago
|
||
And Doer opened bug 171235 for the Deutche Bank problem.
|
|
||
Updated•22 years ago
|
Status: NEW → RESOLVED
Closed: 22 years ago
Resolution: --- → FIXED
|
|
||
Comment 16•22 years ago
|
||
Patch for bug 155083 has been backed out. This site should now be working
|
|
||
Comment 17•22 years ago
|
||
Site works with 2002-09-30-10 Linux.
|
||
Updated•10 years ago
|
Product: Tech Evangelism → Tech Evangelism Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•