Bug in HTTP::Cookies?

donfreenut has asked for the wisdom of the Perl Monks concerning the following question:

I've been coding an Everything2 client as a learning exercise. Yesterday I was coding the portion that logs the user in; it posts the appropriate form and gets the cookie from the response to use for future logins.

# build POST request
my $req = HTTP::Request->new('POST', $postURL);  # $postURL is "http:/
+/everything2.org/index.pl"
$req->content_type('application/x-www-form-urlencoded');
$req->content($postData);  # $postData is "op=login&username=FOO&passw
+ord=BAR" or somesuch

# get the page
my $response = $ua->request($req);

if ($response->is_success) {
    # extract the cookie from the response and return the HTTP::Cookie
+s object
    $loginCookieJar->extract_cookies($response);
    $loginCookieJar;
} else {
    die "Could not log in.\n";
}
[download]

The cookie wasn't appearing. I searched Perl Monks and found a similar problem, but the solution was a hand-rolled cookie-stripping function, which sounded like no fun to me.

(On that node, the author talked about "drilling down" into the HTTP::Cookies object to see if his data was there. What's this?)

I mentioned in passing on E2 that I was busy being confused at HTTP::Cookies, and user Cow Of Doom mentioned he'd come across a bug in that package where it could get 3-part domain names (http://www.everything2.org/) but not two-part (http://everything2.org/). He'd discovered it while coding a node tracker for E2, and it had taken him a week to figure out what was wrong.

I went back to my code, added a "www." before my domain names, ran the script, and it worked.

Is this actually a bug, or are we both missing something? If it is a bug, has anyone else run into it?

Comment on Bug in HTTP::Cookies? Download Code

Replies are listed 'Best First'.
Re: Bug in HTTP::Cookies? by damian1301 (Curate) on Jan 30, 2001 at 16:07 UTC
Well, I'm not too sure if this is a bug or not but looking in my temporary internet files I see that all of the cookies have a 'www.' prefix to the web address. So maybe its just a mandatory thing, or does anyone think otherwise. Personally, I use CGI::Cookie because it seems like the easiest thing to use for me and the documentation, as always, is fantastic. Maybe that might help you with your problem. Hope so, later Wanna be perl hacker. Dave AKA damian I encourage you to email me	[reply]
Re: Bug in HTTP::Cookies? by boo_radley (Parson) on Jan 30, 2001 at 16:23 UTC
I apologize in advance for what will be a vague, hand-wave-y sort of answer... Oh wait, no. This should be concise. I found the answer from HTTP::Cookie's POD. My guess is that you're setting a cookie for the domain "everything2.org", where you should be setting it for ".everything2.org". I had this same problem with a script I was running, and it took me a while to find the answer : From the pod, look at the cookie spec sheet. this is from the section marked `domain=DOMAIN_NAME` [download] `Only hosts within the specified domain can set a cookie for a domain a +nd domains must have at least two (2) or three (3) periods in them to + prevent domains of the form: ".com", ".edu", and "va.us". Any domain + that fails within one of the seven special top level domains listed +below only require two periods. Any other domain requires at least th +ree. The seven special top level domains are: "COM", "EDU", "NET", "O +RG", "GOV", "MIL", and "INT".` [download]	[reply] [d/l] [select]


laziness, impatience, and hubris
	PerlMonks

Bug in HTTP::Cookies?

This is an archived low-energy page for bots and other anonmyous visitors. Please sign up if you are a human and want to interact.