Forum OpenACS Q&A: lynx, cookies and ACS sessions

I setup OpenACS and tried to access using lynx. Everytime I would log in it would give me the login screen suggesting I may have cookies turned off. I have used lynx before on cookie sites and it seems to work fine. So I tried with netscape and it works. I download the python program httpMonitor to see what was the difference... and it seems that lynx doesn't like cookies with commas in them. It truncates the value at the comma.

The spec at http://home.netscape.com/newsref/std/cookie_spec.html also states that the cookie cannot contain semi-colon,comma or white space.

Here is a sample of the output of http sniffer:

RESPONSE
HTTP/1.0 http://192.168.32.21:8000/pvt/home.tcl 302 Found
Set-Cookie:
ad_session_id=132,0,ukaj9bTODpXp0LGxZViYMR1QPQoT5NAD,988017574;
Path=/; Max-Age=86400
Location:
http://192.168.32.21:8000/register/index.tcl?return_url=%2fpvt%2fhome%2etcl
Content-Type: text/html; charset=iso-8859-1
MIME-Version: 1.0
Date: Mon, 23 Apr 2001 09:19:34 GMT
Server: AOLserver/3.2+ad12
Content-Length: 357
Connection: close

REQUEST
GET
http://192.168.32.21:8000/register/index.tcl?return_url=%2fpvt%2fhome%2etcl
Host: 192.168.32.21:8000
Accept: text/html, text/plain, application/vnd.rn-rn_music_package,
application/x-freeamp-theme, audio/mp3, audio/mpeg, audio/mpegurl,
audio/scpls, audio/x-mp3, audio/x-mpeg, audio/x-mpegurl,
audio/x-scpls, audio/mod, image/*, video/*, video/mpeg
Accept: application/pgp, application/pgp, application/pdf,
message/partial, message/external-body, application/postscript, x-be2,
application/andrew-inset, text/richtext, text/enriched,
x-sun-attachment, audio-file, postscript-file, default, mail-file
Accept: sun-deskset-message, application/x-metamail-patch, text/sgml,
video/mpeg, image/jpeg, image/tiff, image/x-rgb, image/png,
image/x-xbitmap, image/x-xbm, image/gif, application/postscript,
*/*;q=0.01
Accept-Encoding: gzip, compress
Accept-Language: en
User-Agent: Lynx/2.8.4dev.7 libwww-FM/2.14
Referer: http://192.168.32.21:8000/
Cookie2: $Version="1"
Cookie: ad_browser_id=129; ad_session_id=130; ad_user_login=3


So did I miss something?

Should the values for the cookies be encoded?

Has anyone else had issues with lynx and ACS?

Thought aD'ers often drop by here, I think you should bring this directly to their attention, either via web/db or by e-mailing someone  like Bryan Quinn.

I realize now why the only opera user of my personal site has had problems with my cookies...

Problem with Your Input

   to ArsDigita
     _________________________________________________________________

   We had a problem processing your entry:
     * You must supply a value for topic

   Please  back  up  using  your  browser,  correct it, and resubmit your
   entry.
     
   Thank you.
     _________________________________________________________________
     
     
    webmaster@arsdigita.com

Anyone have a recommendation on a debug proxy that does a good job of printing out cookies and headers and the such? I am not convinced that httpMonitor is transparent to the session since there were some issues of Netscape not redirecting correctly.

Changing:

	set cookie "$name=$value"

	set cookie "$name="$value""

Can anyone suggest the proper patch to the ad_get_cookie so it will also be backward compatible?

Also, is there anything that works with TCL that makes it easy to jump to the definition of a proc? Does tags work with TCL?

Thanks.

    set cookie "$name="$value""

    if { $include_set_cookies == "t" } {
        set headers [ns_conn outputheaders]
        for { set i 0 } { $i < [ns_set size $headers] } { incr i } {
            if { ![string compare [string tolower [ns_set key $headers $i]] "set-cookie"] && 
                    [regexp "^$name="([^"]+)"" [ns_set value $headers $i] "" "value"] } {
                return $value
            }
        }
    }

    set headers [ns_conn headers]
    set cookie [ns_set iget $headers Cookie]
    if { [regexp "$name="([^"]+)"" $cookie match value] } {
        return $value
    }
    if { [regexp "$name=([^;]+)" $cookie match value] } {
        return $value
    }

I could use this... I *think* I can tell where they got missed
out, but it would be nice to see them, rather than having to guess,
and put them back in until it works 😊

Assuming this works (and I can't see why it shouldn't), we should
probably get this into OpenACS 3.2.6.

Meanwhile (Ben/Roberto/Don), if someone could apply this change to
OpenACS.Org itself, that would be helpful.

Bug report and patch is ideal.  There are patches to the SDM so you
can tell it that patch#N fixes bug#M etc, but they are not live on
OpenACS.Org (Ben -- are they working well enough to use here?).

So for now, just submit a bug report against the SDM module, and in
the description say "fixed by Path #whatever".  I think that's the
best we can do with the SDM as it now stands.