DO NOT REPLY [Bug 12172] New: - Path specification when setting a cookie with mod_rewrite

From: <bugzilla(at)apache.org>
Date: Thu Aug 29 2002 - 13:54:27 EDT

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://nagoya.apache.org/bugzilla/show_bug.cgi?id=12172>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE. http://nagoya.apache.org/bugzilla/show_bug.cgi?id=12172

Path specification when setting a cookie with mod_rewrite

           Summary: Path specification when setting a cookie with
                    mod_rewrite
           Product: Apache httpd-2.0
           Version: 2.0.40
          Platform: All
        OS/Version: All
            Status: NEW
          Severity: Enhancement
          Priority: Other
         Component: mod_rewrite
        AssignedTo: bugs@httpd.apache.org
        ReportedBy: apachebugs@robcromwell.com
                CC: slive@apache.org

Currently, when setting a cookie using the cookie|CO RewriteRule flag there is no ability to specify the path of the cookie.

'cookie|CO=NAME:VAL:domain[:lifetime]' (set cocookie)

I suggest adding a second optional parameter to specify the path of the cookie. By adding it as an optional parameter, there won't be any conflicts with existing cookie RewriteRules.

'cookie|CO=NAME:VAL:domain[:lifetime][:path]' (set cocookie)

I've modified the add_cookie function below to work with the new path field.

---

static void add_cookie(request_rec *r, char *s) {

    char *var;
    char *val;
    char *domain;
    char *expires;
    char *path;

    char *tok_cntx;
    char *cookie;

    if (s) {

        var = apr_strtok(s, ":", &tok_cntx);
        val = apr_strtok(NULL, ":", &tok_cntx);
        domain = apr_strtok(NULL, ":", &tok_cntx);
        expires = apr_strtok(NULL, ":", &tok_cntx);
        path = apr_strtok(NULL, ":", &tok_cntx);

        if (var && val && domain) {
            /* FIX: use cached time similar to how logging does it */
            cookie = apr_pstrcat( r->pool,
                                  var,
                                  "=",
                                  val,
                                  "; path=",


                                  (path)? path : "/",


                                  "; domain=",
                                  domain,


                                  (expires)? "; expires=" : NULL,


                                  (expires)? ap_ht_time(r->pool,


                                                        r->request_time +
                                                        apr_time_from_sec(60 * 
atol(expires)),
                                                         "%a, %d-%b-%Y %T GMT", 
1)
                                           : NULL,
                                  NULL);


            /*
             * XXX: should we add it to err_headers_out as well ?
Do you need more help?
In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software:
Learn more about Pantek's Technical Support offerings
Place an order for 24/7/365 Technical Support here
Learn more about Pantek, who we are, and what we do
Chat with a Live Operator
Related httpd.apache.org Links
announce
bugs
cvs
dev
docs
gui-dev
modproxy-dev
packagers
testers
Request more information about Pantek
             * if we do we need to be careful that only ONE gets sent out
             */
            apr_table_add(r->headers_out, "Set-Cookie", cookie);
            rewritelog(r, 5, "setting cookie '%s' to '%s'", var, val);
        }

    }
}

---

To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org For additional commands, e-mail: bugs-help@httpd.apache.org Received on Thu Aug 29 17:58:18 2002