AltME groups: search

Bug:

The old inconsistent bug of failing to copy the text of a message 
by simple right-click prevented me from copying Oldes' message with 
the long referrer link and cookie data in it, so I selected the message 
text first before right-click. That worked, but then all messages 
in the display began disappearing (looks like a shared para scroll 
bug). Even switching groups. Right now I'm looking at !AltME with 
several blank messages - only the dates appear normally.

why do u have Content-Length: 0 ?
this is not valid Set-Cookie: cookies here ...

this is the request


GET /md/creategoogledoc.rsp?gdoc=simple-letter.rtf&patientid=2832&encounter=none 
HTTP/1.1
Host: gchiu.no-ip.biz:8000

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.2) 
Gecko/20090729 Firefox/3.5.2 (.NET CLR 3.5.30729)

Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive
Referer: http://gchiu.no-ip.biz:8000/md/Listgoogledocs.rsp
Cookie: RSPSID=QZPTPCZIWWMMYBKWHWRQETGM

ok here is the answer from Cheyenne:
HTTP/1.1 301 Moved Permanently
Server: Cheyenne/0.9.20
Date: Thu, 20 Aug 2009 09:43:23 GMT
Connection: close

Location: http://docs.google.com/Doc?docid=0AcdrOHdpKfrWZGZwd3Z4MmJfMnNxcDJkNmZu&hl=en
Set-Cookie: RSPSID=OTWARJZIFLZYABVJOACFFTZY; path=/md; HttpOnly

answer from the redirection:
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Date: Wed, 19 Aug 2009 21:43:58 GMT

Set-Cookie: WRITELY_UID=001dfpwvx2b|928b9de9e7bf56448b665282fc69988b; 
Path=/; HttpOnly

Set-Cookie: GDS_PREF=hl=en;Expires=Sat, 17-Aug-2019 21:43:58 GMT;HttpOnly

Set-Cookie: SID=DQAAAHcAAAB0kldc4zZSC_0FoiL6efkWE11k9SQkAIn-N3WfAzIOVe1cM-remnLUtV3Z4M-BFRf5eknz7hr_U3YzW94nECo0-aDnpxrLGiBglWGN4VkfLr5Hh7t2XNyRCA3VWd005SfCmZ9D8-1MUltjRI8X56VLde5Wy8HD92gh-8YkJBJxQA;Domain=.google.com;Path=/;Expires=Sat, 
17-Aug-2019 21:43:58 GMT

Location: https://www.google.com/accounts/ServiceLogin?service=writely&passive=true&nui=1&continue=http%3A%2F%2Fdocs.google.com%2FDoc%3Fdocid%3D0AcdrOHdpKfrWZGZwd3Z4MmJfMnNxcDJkNmZu%26amp%3Bhl%3Den&followup=http%3A%2F%2Fdocs.google.com%2FDoc%3Fdocid%3D0AcdrOHdpKfrWZGZwd3Z4MmJfMnNxcDJkNmZu%26amp%3Bhl%3Den&ltmpl=homepage&rm=false
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Length: 325
Server: GFE/2.0

more redirection:
HTTP/1.1 302 Moved Temporarily

Set-Cookie: WRITELY_SID=DQAAAHoAAADh80lBIw7e5Hg06TLEBgCY33XQGJ1aUH5OrCF_ir1xLwffKNaCqNdUL6qYfvgjNppDBI4lTNBSTjJWMG_Ze0_qJnveBCAtihBDFwBlOb-H7RlkfgJwM7pBbyKV7bm4M3mqUivD1emtpxgl32vG8CEP1poQ2479HQXrlobsp7Egzw;Domain=docs.google.com;Path=/;Expires=Thu, 
03-Sep-2009 21:43:59 GMT

Location: http://docs.google.com/Doc?docid=0AcdrOHdpKfrWZGZwd3Z4MmJfMnNxcDJkNmZu&amp%3Bhl=en&pli=1
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Wed, 19 Aug 2009 21:43:59 GMT
Expires: Wed, 19 Aug 2009 21:43:59 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
Content-Length: 232
Server: GFE/2.0

and the the target page:
HTTP/1.1 200 OK

Set-Cookie: WRITELY_SID=DQAAAHoAAADh80lBIw7e5Hg06TLEBgCY33XQGJ1aUH5OrCF_ir1xLwffKNaCqNdUL6qYfvgjNppDBI4lTNBSTjJWMG_Ze0_qJnveBCAtihBDFwBlOb-H7RlkfgJwM7pBbyKV7bm4M3mqUivD1emtpxgl32vG8CEP1poQ2479HQXrlobsp7Egzw;Domain=docs.google.com;Path=/;Expires=Thu, 
03-Sep-2009 21:43:59 GMT

Set-Cookie: GDS_PREF=hl=en;Expires=Sat, 17-Aug-2019 21:43:59 GMT;HttpOnly

Set-Cookie: user=; Expires=Tue, 18-Aug-2009 21:43:59 GMT; Path=/; 
HttpOnly

Set-Cookie: login=; Expires=Tue, 18-Aug-2009 21:43:59 GMT; Path=/; 
HttpOnly
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Date: Wed, 19 Aug 2009 21:43:59 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Server: GFE/2.0

Anyone see why this doesn't work 

grab-cookie: func [  login-url [url!] username password
    /target web-app-url [url!]
    /local page auth cookie err
][
    if error? set/any 'err try [
        page: open login-url
        cookie: page/locals/headers/set-cookie
        close page
        auth: rejoin [ "login=" username "&pass=" password ]

        page: read/custom login-url compose/deep [ POST (auth) [ cookie: 
        (cookie)]]
        either target [

            page: read/custom web-app-url compose/deep [ GET "" [ cookie: (cookie)]]
            return page
        ][ return cookie  ]
    ][
        mold disarm err
    ]
]   


I can see it sending the cookie after authentication to get a page 
in a web-app, but I get redirected to the login age

Grab-cookie: does your 'username or 'password values contain any 
special character that would need to be URL-encoded?

set-cookie docs don't exist and it says n/a .. does this mean the 
word is not there any more or something else? Do I have to manually 
set http response headers to set cookies?

Set-cookie is on the todo list but hasn't been implemented yet. So, 
for now, you have to set http header manually.

request/headers/cookie

Some advantages to the ws:// spec

- Seamlessly traverse firewalls and routers
- Allow duly authorized cross-domain communication
- Integrate well with cookie-based authentication
- Integrate with existing HTTP load balancers
- Be compatible with binary data

That comes from the way web socket's connection are initiated, it 
starts like a simple HTTP GET request and the server is supposed 
to validate that request, check access authorization if required, 
etc... So, to avoid duplicating work, I choose to re-use RSP framework 
as much as possible. The initial ws:// URL must point to a valid 
RSP script so that the server can check, for example, RSP session 
cookie for access rights.

Updated version of Doc's chat example.. 
- Enter key support for login and posting chats
- Cookie mgmt for user name
- various "tweaks" to the JQuery 

chat2.html:  http://pastebin.com/m66a38d50

That chat.html I made was a quick hack of yours. Need to build proper 
cookie mgmt functions.. deal with sessions etc.

if you want to let users login, then you need to track a session 
cookie

This is what I am sending

HTTP/1.1 200 OK
Server: Cheyenne/0.9.20
Date: Thu, 02 Dec 2010 15:33:25 GMT
Content-Length: 475
Content-Type: application/vnd.adobe.xfdf
Connection: Keep-Alive
Content-Encoding: deflate
Set-Cookie: RSPSID=XESYTVZSEFSXPQHCTITGRDQG; path=/md; HttpOnly
Cache-Control: private, max-age=0
Expires: -1


Firefox opens up the PDF referenced in the xfdf file that is downloaded.

Chrome just downloads and saves the content.  So maybe it's just 
Chrome's PDF "plugin" that doesn't understand what to do ...

Doc, I'm thinking this version fixed my cookie issue with Curecode 
. We'll see. So far it looks great. Merci.

ehh... sessions are not lazily created either... and i couldn't even 
set-header 'set-cookie none session/end because it sends down 2 cookies 
then...

Cookie	{RSPSID=YVCBKGUZKHKSJGXVCBSTYDIK; RSPSID=YARKPZJMKJUNWDZRFOLUKJTE}
login	"test"
pass	"letmein"
Session ID	"YARKPZJMKJUNWDZRFOLUKJTE"

yes, it's not sending the cookie as i would expect on the 2nd run

$ cat jar
# Netscape HTTP Cookie File
# http://curl.haxx.se/rfc/cookie_spec.html
# This file was generated by libcurl! Edit at your own risk.


#HttpOnly_guan-huat     FALSE   /       FALSE   0       RSPSID  MTXVGMVOMYMVGDZKFURKPQKK

You should stick with REBOL HTTP client, using this patch to add 
transparent cookie support: http://www.rebol.org/view-script.r?script=my-http.r

u know if rebol would come w a nicer header dump, cookie, https and 
url encode/decode support by default, i would advocate it as a curl 
replacement probably... :/

maybe an extension script would be enough, which anyone can remember, 
like http://json.org/json.r

hmm.. cookies are accumlating again... Cookie: RSPSID=GWKAQXFYMANHFHNXLXXKVVWL; 
RSPSID=VDWMLITKUVGDAFQBHJHHCQDH

but the app still works. am i confusing it somehow, by restarting 
cheyenne... but im closing the tab and reopening it too...

because it always gets sent w all the http requests then, if it's 
stored in a cookie. so if u have images in the same domain(/folder) 
for example, then data is sent for those too

yeah, using cookies for storage isn't a good idea... also since many 
people are using cookie controlers now.

It might be a good idea to patch in Cyphre's cookie handling support 
as well http://www.rebol.org/view-script.r?script=my-http.r

actually thinking about it, it should really be 


   port/locals/headers: headers: Parse-Header HTTP-Header save-header 
   headers


as parse-header will remove duplicate header lines .. ie. if there 
is more than one cookie header, the parse-header function loses all 
but one.

OK, this morning, I went into FF's Cookie browser and searched for 
cookies from my domain where curecode is. There were none.  I went 
to view my curecode page and it was not going to work. I know this 
because the project select shows "none." I then went back to the 
cookies section and there was one for the domain. I deleted that, 
refreshed the curecode page and it worked. 

Now, one thing about my usual usage of curecode and that is during 
any given day, I will end up logging in several times after my sessions 
expire.

0.9.11 beta. Sometimes I am redirected to the login screen but the 
selection  is none and from there it will go to the rsp error. Thanks. 
Knowing that I can remove that cookie is pretty easy.

Doc, I still have issues with the cookies created from Curecode. 
Essentially, when I leave the browser open and the session expires, 
the next time I try to use curecode, it loads up the error page. 
I just manually delete the cookie and I'm good and I have extended 
the timeout as well which helps. I was wondering in the httpd.cfg 
file if there is any value for curecode's timeout that will make 
it endless (perhaps "none" ? ). Thanks. It is a very usefule app.

I use FF 5.0 (just upgraded this morning though. Previously it was 
4.0.1). As far as cookie altering tools, not that I know of, though 
I was wondering if AVG could be doing something. Anyway, I just cost 
you a few lost Red minutes. I'll wait until it happens again.
Thanks.

I think this is a Graham question. I've been trying to communicate 
with this video encoder. It uses .xml and .cgi files to talk to it:
tmp: http-tools http://192.168.1.62/user/GetTTLStatus.xml[]
and this works fine.


The problem is with he .cgi files. They aren't POST files but they 
only return 

 a: http-tools http://192.168.1.62/user/StorageMediaFiles.cgi[] probe 
 a
make object! [
    HTTP-Response: "<?xml version='1.0' encoding='ISO-8859-1' ?>"
    Date: none
    Server: none
    Last-Modified: none
    Accept-Ranges: none
    Content-Encoding: none
    Content-Type: none
    Content-Length: none
    Location: none
    Expires: none
    Referer: none
    Connection: none
    Set-Cookie: none
]
When you place the url in a browser it works as expected. 
Any ideas on how to get this to work?

And you're right, there is probably something else going on. I am 
at least getting part of the message. A successful .xml call looks 
like this:

a: http-tools http://192.168.1.62/user/StorageEventMode.xml[] probe 
a
make object! [
    HTTP-Response: "HTTP/1.1 200 OK"
    Date: none
    Server: "Mango DSP - HTTP Server (v2.34)"
    Last-Modified: none
    Accept-Ranges: none
    Content-Encoding: none
    Content-Type: "text/xml"
    Content-Length: "270"
    Location: none
    Expires: none
    Referer: none
    Connection: none
    Set-Cookie: none
    Cache-Control: "no-store"
    content: {<?xml version="1.0" encoding="ISO-8859-1" ?>
<?xml-stylesheet type="text/xsl" href="StorageEventMode.xsl"?>
<StorageEventMode>
^-<RecOnNetworkFailure id="RecOnNetworkFailure" checked="true"/>
^-<PreEventBufferTime id="PreEventBufferTime" value="20"/>
</StorageEventMode>
}
]