Beefy Boxes and Bandwidth Generously Provided by pair Networks
P is for Practical

Re: Re: Loging a user out with CGI and Cookies?

by dvergin (Monsignor)
on Apr 16, 2001 at 03:13 UTC ( #72712=note: print w/replies, xml ) Need Help??

in reply to Re: Loging a user out with CGI and Cookies?
in thread Loging a user out with CGI and Cookies?

Trimbach, you may be half right. But it is possible to accomplish this without a two-step process.

First, the browser can indeed handle the cookie header and the "Location: ..." header line in the same server response. The Location line must come last and it must end with two new-lines.

But I can find no indication in my quick re-visiting of the docs that the CGI redirect function allows the specification of a cookie along with the redirect. (Update: but see the following response by athomason.) And the CGI pod says don't print a header along with a redirect.

So I accomplish this manually:

print "Set-Cookie: $usr=x;expires=-1d\n"; print "Location:\n\n";
There may be a gotcha here but I haven't run into it.

BTW, are you sure that $in{usr} and $usr have the same value? That would, of course, be crucial to what you are trying to do.

Replies are listed 'Best First'.
Re: Re: Re: Loging a user out with CGI and Cookies?
by athomason (Curate) on Apr 16, 2001 at 05:53 UTC
    As dvergin points out, browsers are perfectly capable of handling cookies sent with redirects. Fortunately, also supports it, though you have to dig a bit to be sure. The CGI pod indeed does not mention such a procedure, but it is supported. Browsing the code of the redirect sub in you can see:
    #### Method: redirect # Return a Location: style header # #### 'redirect' => <<'END_OF_FUNC', sub redirect { my($self,@p) = self_or_default(@_); my($url,$target,$cookie,$nph,@other) = $self->rearrange([[LOCATION +,URI,URL],TARGET,COOKIE,NPH],@p); $url = $url || $self->self_url; my(@o); foreach (@other) { tr/\"//d; push(@o,split("=",$_,2)); } unshift(@o, '-Status'=>'302 Moved', '-Location'=>$url, '-nph'=>$nph); unshift(@o,'-Target'=>$target) if $target; unshift(@o,'-Cookie'=>$cookie) if $cookie; unshift(@o,'-Type'=>''); return $self->header(@o); }

    Note in particular the -Cookie bit. And nicely enough, this actually works as intended. I've used bits like the following successfully:

    $cookie = cookie( -name => $COOKIE_NAME, -value => $session_key, -expires => $COOKIE_EXPIRE, -path => $SCRIPT_PATH, -domain => $SCRIPT_DOMAIN, -secure => 0 ); ... print redirect( -uri => 'view.cgi', -cookie => $cookie );

    I admit I'm not sure why OP's bit fails. r.jospeh, take a look at the cookie files for the site you're connecting to in order to make sure they're correct. Offhand, I'd suspect (like dvergin) a difference in $in{usr} and $usr is the problem. If not, you could set up a dirty HTTP server (with HTTP::Daemon, for instance) to see what's going on with your logout cookie.

Log In?

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: note [id://72712]
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others making s'mores by the fire in the courtyard of the Monastery: (1)
As of 2021-10-22 00:07 GMT
Find Nodes?
    Voting Booth?
    My first memorable Perl project was:

    Results (85 votes). Check out past polls.