Accomodating Netscape-style cookies?

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: Kartik Subbarao: "Accomodating Netscape-style cookies?"
• Previous message: Csaba Tanczos: "frames to extract/download"
• Next in thread: Gisle Aas: "Re: Accomodating Netscape-style cookies?"
• Reply: Gisle Aas: "Re: Accomodating Netscape-style cookies?"

I'm trying to use HTTP::Cookies to talk to a web application that
follows the "looser" Netscape-style Cookie definition 

http://www.netscape.com/newsref/std/cookie_spec.html

as opposed to the more "strict" definition specified in RFC 2109.

Specifically, this application generates cookies with the pattern of
domain=foo.bar.com from the host foo.bar.com. It also generates 
cookies with domain=.bar.com from baz.foo.bar.com. Both of these are 
verboten according to RFC 2109, but Netscape works fine with them.

I can't change the web application. What I've been doing so far is 
manually munging the host field in the URL, baz.foo.bar.com, to 
baz-foo.bar.com, before calling extract_cookies(). I haven't found 
a satisfactory way to deal with domain=foo.bar.com, since 
extract_cookies automatically prepends a '.', and then it no longer 
matches the hostname.

One thing I was thinking of doing was adding some pacifying logic
to extract_cookies, wrapped around if ($netscape_cookie). For example,
not automatically prepending '.' to the domain name, and allowing
baz.foo.bar.com to set a cookie for .bar.com.

I suspect that Gisle and others have probably wrestled with this issue
before. Any suggestions? Do people think a patch that accomodated
Netscape-style cookie specification would make sense?

	-Kartik

• Next message: Kartik Subbarao: "Accomodating Netscape-style cookies?"
• Previous message: Csaba Tanczos: "frames to extract/download"
• Next in thread: Gisle Aas: "Re: Accomodating Netscape-style cookies?"
• Reply: Gisle Aas: "Re: Accomodating Netscape-style cookies?"