On today's cvs-tip on my local machine, I get: relogin.cgi: Use of uninitialized value in join or string at /usr/lib/perl5/5.8.1/CGI/Cookie.pm line 162., referer: http://localhost/bugzilla-tip/show_bug.cgi?id=1 I also get the same warning from createaccount and show_bug. Here's the CGI::Cookie code around that area for perl 5.8.1: 161: my($key) = escape($self->name); 162: my($cookie) = join("=",$key,join("&",map escape($_),$self->value)); 163: return join("; ",$cookie,@constant_values); That's in a function called as_string. It's called by this code in CGI::Cookie: use overload '""' => \&as_string, 'cmp' => \&compare, 'fallback'=>1; The documentation says this: Internally, Cookie overloads the "" operator to call its as_string() method when incorporated into the HTTP header. as_string() turns the Cookie's internal representation into an RFC-compliant text representation. You may call as_string() yourself if you prefer: print "Set-Cookie: ",$c->as_string,"\n"; Is this a BZ bug or a CGI::Cookie bug? -M
Probably a bugzilla bug. Can you print out the cookie key/value pairs, so that we can see which ones are the issue?
Here's what I've got for localhost in my cookies.txt: localhost FALSE /bugzilla-tip/ FALSE 2145916801 VERSION-TestProduct other localhost FALSE /bugzilla-tip/ FALSE 2145916801 BUGLIST 1 localhost FALSE / FALSE 2145916801 Bugzilla_logincookie 1 localhost FALSE / FALSE 2145916801 Bugzilla_login 1 It might also be related to the fact that I have an old "/" cookie that stuck around from before I changed the cookiepath. (Of course, Bugzilla administrator will be in that situation, at least at first.) -M
I don't know how to create patches, and I don't use the CVS version, but here's how to fix this problem: in Bugzilla/Auth/CGI.pm, add "-value => ''" to any $cgi->send_cookie() call that is missing it. Because -value isn't specified, Cookie.pm would choke. For example, in the sub logout(), change: $cgi->send_cookie(-name => "Bugzilla_login", -expires => "Tue, 15-Sep-1998 21:49:00 GMT"); to $cgi->send_cookie(-name => "Bugzilla_login", -value => '', -expires => "Tue, 15-Sep-1998 21:49:00 GMT");
Status: UNCONFIRMED → NEW
Ever confirmed: true
Created attachment 161264 [details] [diff] [review] kiko_v1: centralize fix The original patch is correct, but we can avoid fixing in two places by clearing using a single function. For reference, http://www.perldoc.com/perl5.8.0/lib/CGI/Cookie.html tells me that value is indeed required. Tested fix, works.
Assignee: rsiklos → kiko
Attachment #161054 - Attachment is obsolete: true
Status: NEW → ASSIGNED
forgive me if this question is naive, but won't the solution in attachment 1612648 clear ALL the bugzilla cookies? Isn't this bad? Wouldn't you want to keep the ones that store info like column display/sort settings, stagger headers, etc.?
OS: All → Linux
Hardware: All → PC
(In reply to comment #6) > forgive me if this question is naive, but won't the solution in attachment > 1612648 clear ALL the bugzilla cookies? No, just the named cookies: - "Bugzilla_login" - "Bugzilla_logincookie" Why did you think it would clear all cookies? The only change done is value="" which is actually required by the Cookie.pm spec.
yeah, sorry - you're totally right - nevermind :)
This is worthy of a backport to 2.18. I hate messy server logs. It'll need a new patch for 2.18, the CGI files moved since we branched.
Target Milestone: --- → Bugzilla 2.18
Created attachment 162118 [details] [diff] [review] rsiklos_2.18_v1 Patch attached for 2.18 branch
Assignee: kiko → rsiklos
OS: Linux → All
Hardware: PC → All
Checking in Bugzilla/Auth/CGI.pm; /cvsroot/mozilla/webtools/bugzilla/Bugzilla/Auth/Attic/CGI.pm,v <-- CGI.pm new revision: 188.8.131.52; previous revision: 1.7 done Checking in Bugzilla/Auth/Login/WWW/CGI.pm; /cvsroot/mozilla/webtools/bugzilla/Bugzilla/Auth/Login/WWW/CGI.pm,v <-- CGI.pm new revision: 1.4; previous revision: 1.3 done
Status: ASSIGNED → RESOLVED
Last Resolved: 14 years ago
Resolution: --- → FIXED
Thanks for tracking this one down Rob.
You need to log in before you can comment on or make changes to this bug.