[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 404
  • Last Modified:

Perl CGI.pm cookie setting and redirects

Hello,

I have a Perl script that needs to be able to run on any os/webserver/browser. I have used a variety of cookie setting methods, but have recently been using:

$cgiURL = "http://www.mysite.com/cgi-bin/myscript.cgi";
my $cookie = $q->cookie( -name      => "cookie_name",
                           -value => "myValue",
                          -path => '/',
                          -expires => "+1y" );

print $q->redirect(-uri => "$cgiURL", -cookie => $cookie);

However, this doesn't work with IIS 5.0. I guess I could go back to a previous way:

print "Set-Cookie: $cookie\n";
print "Content-Type: text/html\n\n";
print "<meta http-equiv=\"refresh\" content=\"0; URL='$cgiURL'\">";

But I don't really like the refresh way of doing it =) Does anyone have any ideas on some cookie setting/redirect code that will work on "all" web servers and is browser compliant?
0
emartin24
Asked:
emartin24
  • 6
  • 4
  • 2
1 Solution
 
ahoffmannCommented:
could you please post the generated header from this script
0
 
emartin24Author Commented:
how do I get/find the generated header?
0
 
ahoffmannCommented:
simply start your script from command line

or test with something like:

perl -MCGI -le '$cgiURL="http://www.dom.tld/";$q=new CGI;$c=$q->cookie(-name=>"key",-value=>"val",-path=>"/",-expires=>"+1y");print $q->redirect( -uri=>$cgiURL, -cookie=>$c);'

# keep in mind that in cmd.exe you may have trouble with quotes
0
Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

 
emartin24Author Commented:
I switched the ''s and "'s to:
perl -MCGI -le "$cgiURL='http://www.emalbum.com';$q=new CGI;$c=$q->cookie(-name=>'key',-value=>'val',-path=>'/',-expires=>'+1y');print $q->redirect( -uri=>$cgiURL, -cookie=>$c);"

and got:
Status: 302 Moved
Set-Cookie: key=val; path=/; expires=Sun, 09-Apr-2006 20:51:48 GMT
Date: Sat, 09 Apr 2005 20:51:48 GMT
Location: http://www.emalbum.com

Since it's not going through IIS, I don't know if that really tells anything? Any ideas?
0
 
emartin24Author Commented:
In the browser, I get:
Status: 302 Moved
Set-Cookie: key=val; path=/; expires=Mon, 02-Apr-2035 20:55:41 GMT
Date: Sat, 09 Apr 2005 20:55:41 GMT
Location: http://mydomain.com/cgi-bin/myscript.cgi

Looks ok to me...but doesn't work =)
0
 
ahoffmannCommented:
> and got:
looks perfect :)

>  In the browser, I get:
strange, the date is broken

either your CGI.pm behaves different in IIS context (I doubt), or IIS mangles the header from your CGI
0
 
emartin24Author Commented:
The browser output was using a different expires value. I just don't get why IIS wouldn't handle the CGI.pm redirect the same way as other web servers...!?!
0
 
ahoffmannCommented:
don't know IIS, but check for NPH - none parsed headers (apache terminolgy)
0
 
kanduraCommented:
Hi emartin24,
> I just don't get why IIS wouldn't handle the CGI.pm redirect the same
> way as other web servers...!?!

It just does. As soon as IIS sees a redirect header, it ignores all other headers you try to set, including cookie headers.
I'm sure MS has a rationale for this, as this has been its behaviour since version 3 (if i remember correctly), and it's still the case in 6.

Your workaround is about as good as it gets: it sends the minimum amount of data to get the job done, and the meta-refresh is almost the same as a real redirect. I'd suggest going for it, and not loose sleep over it :-)


HTH,
Kandura
0
 
emartin24Author Commented:
Well, my final "work-around" was to rename the script to nph-myscript.cgi, change use CGI; to use CGI qw(:standard -nph); and then comment out all print "Content-type: text/html\n\n"; statements. I don't like having a different solution for just IIS servers so until I find a way that works on "all" servers, I'll stick with that =)
0
 
kanduraCommented:
I just saw that in the Perl TA :-)
0
 
emartin24Author Commented:
TheLearnedOne,

Although nobody specifically answered my question, I appreciate everyone's input and am going to give the answer to ahoffmann.

Sorry for leaving this open for so long =)
0

Featured Post

Important Lessons on Recovering from Petya

In their most recent webinar, Skyport Systems explores ways to isolate and protect critical databases to keep the core of your company safe from harm.

  • 6
  • 4
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now