server side cookie handling example ...
[1/5] from: petr::krenzelok::trz::cz at: 3-Mar-2003 15:14
Hi,
has anyone example of server side cookie handling? I have cookie string
building func from Maarten's rugby, get-cookie func, but I somehow miss
what to do to send it back to browser :-)
Thanks a lot,
-pekr-
[2/5] from: chris:ross-gill at: 3-Mar-2003 10:00
Hi Petr,
> has anyone example of server side cookie handling? I have cookie string
> building func from Maarten's rugby, get-cookie func, but I somehow miss
> what to do to send it back to browser :-)
Cookies are sent as an HTTP header.
Set-Cookie: NAME=VALUE; expires=DATE; path=PATH; domain=DOMAIN_NAME; secure
Here's a reference: http://wp.netscape.com/newsref/std/cookie_spec.html
- Chris
[3/5] from: maarten:koopmans:surfnet:nl at: 3-Mar-2003 17:30
Here you are, published under the GNU public License (see www.gnu.org).
Copyright 2002 by Maarten Koopmans and Ernie van der Meer.
n-joy.
--Maarten
REBOL
[
Title: "Logic to set and get HTTP cookies"
]
cookies: context
[
data: copy []
url-encode: func
[
{Replaces characters that are not allowed in URLs by their url-encoded
values.}
val [string!]
/local illegal-chars lval
]
[
lval: copy val
illegal-chars: {+%;/?:@= "<>#{}|\^~[]`}
foreach char illegal-chars
[
replace/all lval char join "%" enbase/base to-string char 16
]
return lval
]
url-decode: func
[
val [string!]
/local illegal-chars lval
]
[
lval: copy val
illegal-chars: {+%;/?:@= "<>#{}|\^~[]`}
foreach char illegal-chars
[
replace/all lval join "%" enbase/base to-string char 16 char
]
return lval
]
to-GMT-idate: func
[
"Returns a standard GMT-based Internet date string."
date [date!]
/local str GMT-date
]
[
str: copy {GMT}
GMT-date: date - date/zone
head insert str reform
[
pick ["Mon," "Tue," "Wed," "Thu," "Fri," "Sat," "Sun,"]
GMT-date/weekday
GMT-date/day
pick [ "Jan" "Feb" "Mar" "Apr" "May" "Jun" "Jul" "Aug" "Sep"
"Oct" "Nov" "Dec" ] GMT-date/month
GMT-date/year GMT-date/time ""
]
]
init: func
[
{Reads cookies from the HTTP header.}
/local cookies rule name val
]
[
data: copy []
if cookies: select system/options/cgi/other-headers "HTTP_COOKIE"
[
rule: [ copy name to "=" "=" [ copy val to ";" "; " | copy val to
end ]
(append data reduce [ name url-decode val ])]
parse cookies [ any rule ]
]
;write/append %/tmp/log rejoin [ cookies newline ]
]
set-cookie: func
[
{By default, cookie expires at end of session, path is /, domain is
server, and not secure.}
name [string!] "The cookie's name"
value [string!] "The cookie's value"
expires [date! none!] "Date, should also include time"
path [string! none!] "Path in which cookie should be returned"
domain [string! none!] "Your server or domain"
secure [logic! none!] "Return only over secure channels"
]
[
prin rejoin [{Set-Cookie:} name {=} url-encode value {; }]
all [expires prin rejoin [{expires=} to-GMT-idate expires {; }]]
all [path prin rejoin [{path=} path {; }]]
all [domain prin rejoin [{domain=} domain {; }]]
all [secure prin {secure}]
prin {^/}
]
get-cookie: func
[
{Returns the value of a cookie. Return none if the cookie is not set.}
name [string!] {Name of the cookie.}
]
[
select data name
]
]
[4/5] from: petr:krenzelok:trz:cz at: 3-Mar-2003 18:13
Christopher Ross-Gill wrote:
>Hi Petr,
>>has anyone example of server side cookie handling? I have cookie string
<<quoted lines omitted: 6>>
>Here's a reference: http://wp.netscape.com/newsref/std/cookie_spec.html
>- Chris
OK, thanks a lot ... my problem was I didn't understand when/where
should I put it in my CGI script to be part of header. Now I seem to
have it running. Few questions though -
- have you used multiple cookies? What is the format please? I don't
understand it from the doc - should I issue two separate "Set-Cookie:
..." sequences, or just use several name=value pair with one
Set-Cookie: ...
sequence?
- maybe I have incorrectly understood checksum/secure. I wanted to use
it to generate securely unique IDs, but once I give it the same value,
it returns the same result ... that way I cannot regard following being
secure enough to generate id:
checksum/secure mold now/time/precise
... but then it can be my incorrect understanding of checksum/secure
functionality. ...
-pekr-
[5/5] from: petr:krenzelok:trz:cz at: 3-Mar-2003 18:21
Maarten Koopmans wrote:
> Here you are, published under the GNU public License (see www.gnu.org).
> Copyright 2002 by Maarten Koopmans and Ernie van der Meer.
>
> n-joy.
>
> --Maarten
Hello Maarten,
thanks a lot for your code. Comparing it to your earlier version, I can
see special function for date. What is the purpose of setting GMT date?
Rebol's 'to-idate isn't optimal?
Also - I slightly changed your earlier implementation of set-cookie, as
I never remember what argument goes first :-) So I implemented expires,
secure etc. as function refinements, so I don't send them back to client
if not required (I am not sure it is correct though ....
One suggestion maybe ... you seem to "prin" your partial results .... I
would suggest not doing so - I remember rebol 1.0 days and my first CGI
attempt ... I found out sending results to client in parts is magnitude
slower, than accumulating your results first, and sending in once ... I
can see printing newline at the end of function - that way you don't
give function user chance to accumulate first :-)
Anyway ... your code is very nice and polished, thanks once again!
Cheers,
-pekr-
Notes
- Quoted lines have been omitted from some messages.
View the message alone to see the lines that have been omitted