Python generated cookies not working properly with Internet Explorer

Hi,

I've been asked to "fix" some python / CGI code on one of our products. The cookies worked fine in Firefox, but were timing out after a couple seconds in Internet Explorer 6.x.

I have had some experience with Python before, but that's about it. After mucking 'round within the code for a couple of days, I was unable to find an obvious cookie error. The ex-dev looked like they knew even less than me, and it was hardly secure.

I took out the cookie code, and replaced it. But we're running into a weirder set of problems:
1) It looks like the cookies are not being stored by IE. They are not showing up as a "Cookie:.." text file in the Temp Internet Files directory.
2) The attached code shows the cookie code in a simple test. In IE, hitting the 'login' button often brings you back to the login.cgi page. Changing the security settings makes no difference here...

Could these problems have the same root? Is it the cookie code? What am I missing?
login.cgi.txt
main.cgi.txt
mycookie.py.txt
PhyrePhoxAsked:
Who is Participating?
 
PhyrePhoxConnect With a Mentor Author Commented:
Solved.

TCP dumping showed that IE was sometimes truncating the cookies (probably due to the binary data), so we encrypted them in base64.

The second part of the question is as SSL issue / IE issue, which was fixed by changing the apache config
0
 
PhyrePhoxAuthor Commented:
The SSL link is here:
http://www.rupertjones.com/weblog/archives/000073.php

and here:
http://www.modssl.org/docs/2.8/ssl_faq.html#ToC49

Which basically instructs you to put the following in the virtual host directive of your Apache config:

    SetEnvIf User-Agent ".*MSIE.*" \
    nokeepalive ssl-unclean-shutdown \
    downgrade-1.0 force-response-1.0

0
All Courses

From novice to tech pro — start learning today.