PhyrePhox
asked on
Python generated cookies not working properly with Internet Explorer
Hi,
I've been asked to "fix" some python / CGI code on one of our products. The cookies worked fine in Firefox, but were timing out after a couple seconds in Internet Explorer 6.x.
I have had some experience with Python before, but that's about it. After mucking 'round within the code for a couple of days, I was unable to find an obvious cookie error. The ex-dev looked like they knew even less than me, and it was hardly secure.
I took out the cookie code, and replaced it. But we're running into a weirder set of problems:
1) It looks like the cookies are not being stored by IE. They are not showing up as a "Cookie:.." text file in the Temp Internet Files directory.
2) The attached code shows the cookie code in a simple test. In IE, hitting the 'login' button often brings you back to the login.cgi page. Changing the security settings makes no difference here...
Could these problems have the same root? Is it the cookie code? What am I missing?
login.cgi.txt
main.cgi.txt
mycookie.py.txt
I've been asked to "fix" some python / CGI code on one of our products. The cookies worked fine in Firefox, but were timing out after a couple seconds in Internet Explorer 6.x.
I have had some experience with Python before, but that's about it. After mucking 'round within the code for a couple of days, I was unable to find an obvious cookie error. The ex-dev looked like they knew even less than me, and it was hardly secure.
I took out the cookie code, and replaced it. But we're running into a weirder set of problems:
1) It looks like the cookies are not being stored by IE. They are not showing up as a "Cookie:.." text file in the Temp Internet Files directory.
2) The attached code shows the cookie code in a simple test. In IE, hitting the 'login' button often brings you back to the login.cgi page. Changing the security settings makes no difference here...
Could these problems have the same root? Is it the cookie code? What am I missing?
login.cgi.txt
main.cgi.txt
mycookie.py.txt
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
http://www.rupertjones.com/weblog/archives/000073.php
and here:
http://www.modssl.org/docs/2.8/ssl_faq.html#ToC49
Which basically instructs you to put the following in the virtual host directive of your Apache config:
SetEnvIf User-Agent ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0