Solved

Cross browser Compatibility -Cookie problem

Posted on 2011-03-23
3
1,083 Views
Last Modified: 2012-05-11
Hi,

    I'm developing a Mobile Application which is having cross browser compatibility issue

1. I have mobilelogin.jsp where I set some cookie value (Customer ID). After successful validation this cookie value must be read and other operations must be done.

2. The code I've written works perfectly in Firefox but in Safari,Chrome,Opera I don't get the cookie value at all, hence the application does not work.

Please refer the Code sections (mobilelogin.jsp, validate.js) lookup.jsp I haven't provided

3. Is there any browser specific snippet has to written? I fail to understand why doesn't it work in other browsers (except FF).

Any inputs will be highly regarded.

Thanks,
Rio
mobilelogin.jsp
----------------------------------------------------------

<%@ page import="com.day.cq.wcm.api.WCMMode" %>
<%@ page import="com.day.cq.wcm.foundation.forms.FormsHelper" %>
<%@ page import="com.day.cq.wcm.foundation.forms.LayoutHelper" %>
<%@ page import="com.day.text.Text,com.day.cq.i18n.I18n,
                com.day.cq.xss.XSSProtectionService,
                org.apache.commons.lang.StringEscapeUtils,
                org.apache.commons.lang.StringUtils" %>
<%@ page import="java.util.ResourceBundle" %>
<%
%><%@include file="/libs/foundation/global.jsp"%>
<script type="text/javascript" src="/apps/FinanceCorp/components/mobilelogin/validate.js"></script>
<%
    String id = Text.getName(resource.getPath());
    // I18n
    I18n i18n = new I18n(slingRequest);
    String contextPath = (StringUtils.isBlank(currentPage.getPath())) ? "/" : currentPage.getPath();

    
    // XSS protection (for login failure reason)
    XSSProtectionService xssService = sling.getService(XSSProtectionService.class);
    String defaultRedirect = currentPage.getPath();
    String lookupLocation = properties.get("./lookupLocation",defaultRedirect);
    String forwardLocation = properties.get("./forwardLocation",defaultRedirect);
%>
<%
        String jReason = request.getParameter("j_reason");
        if (jReason != null) {
            if (xssService != null) {
                jReason = xssService.protectFromXSS(jReason);
            }
            jReason = StringEscapeUtils.escapeHtml(jReason);
        } else {
            jReason = "Test";
        }
%>
<div id="login-form">
<form method="GET" id="<%=id%>" name="<%=id%>" action="<%=forwardLocation%>" enctype="multipart/form-data">
    <h1>The Bank Of Me</h1>
    <input type="hidden" id="lookupLocation" name="lookupLocation" value="<%=lookupLocation%>"> 
    <input type="hidden" id="forwardLocation" name="forwardLocation" value="<%=forwardLocation%>">    
    <input type="hidden" name="_charset_" value="UTF-8"/>
    <input type="hidden" name="customerId" value=""/>
    <input type="hidden" name="contextPath" value="<%=contextPath%>">
    <p><input type="password" name="j_username" id="login-pswd" value="" /></p> 
    <p id="pswd-label">Enter Your PIN</p></p>                                
    <p><input type="submit" name="login_submit" id="login_submit" value="" /></p>
    <p id="login-error" style="visibility:hidden; color:red;"><%= i18n.get(jReason) %></p>
</form>
</div>
<br />

<script>

$(document).ready(function(){


$("#login_submit").click(function(){
        var pswd= $("#login-pswd").val();
        if($.trim(pswd.length)>0){
            return loginuser('<%= StringEscapeUtils.escapeHtml(StringEscapeUtils.escapeJavaScript(i18n.get("Invalid PIN"))) %>')            
        }else{
            var loginError = document.getElementById("login-error");
            loginError.innerHTML = "Please Enter the PIN";
            loginError.style.visibility = "visible";
            return false;
        }
});

});
</script>

-----------------------------------------------------------
validate.js

// 'xmlhttp' request object, do not access directly, use getXmlHttp instead
var xmlhttp = null;
function getXmlHttp() {
    if (xmlhttp) {
        return xmlhttp;
    }

    if (window.XMLHttpRequest) {
        xmlhttp = new XMLHttpRequest();
    } else {
        if (window.ActiveXObject) {
            try {
                xmlhttp = new ActiveXObject('Msxml2.XMLHTTP');
            } catch (ex) {
                try {
                    xmlhttp = new ActiveXObject('Microsoft.XMLHTTP');
                } catch (ex) {
                }
            }
        }
    }
    return xmlhttp;
}


function sendRequest(/* String */contextPath, /* String */user,
    /* String */ pass) {
    //Warning: there is a copy of this method in /libs/cq/ui/widgets/source/User.js#login
    //changing this method means also changing User.js#login until a unique
    //and central method is implemented
    //current method is the master
    var xmlhttp = getXmlHttp();
    if (!xmlhttp) {
        return;
    }

    if (xmlhttp.readyState < 4) {
        xmlhttp.abort();
    }

    // send the authentication request
    xmlhttp.open('POST', contextPath + "?sling:authRequestLogin=BASIC&j_validate=true", false, user, pass);
    xmlhttp.send('');

    // check result against 403/FORBIDDEN sent by the server
    // if the credentials are wrong (other status codes like
    // 200/OK, 404/NOT FOUND or even 500/INTERNAL SERVER ERROR
    // should be considered as login success)
    return xmlhttp.status != 403;
}

function showError(msg) {
    try {
        var loginError = document.getElementById("login-error");
        loginError.innerHTML = msg;
        loginError.style.visibility = "visible";
    } catch (e) {
        alert(msg+"::"+e.message);
    }
}

function loginuser(failedLoginMessage) {
    // perform basic login for FF/IE, other browsers use token login
    if (navigator.userAgent.indexOf("MSIE") > 0 || navigator.userAgent.indexOf("Firefox") > 0) {

        var contextPath = document.forms['mobilelogin'].contextPath.value;
        var user = document.forms['mobilelogin'].j_username.value;
        var pass = document.forms['mobilelogin'].j_username.value;
        //var pass = document.forms['mobilelogin'].j_password.value;
        var lookupLocation = document.forms['mobilelogin'].lookupLocation.value;
        var forwardLocation = document.forms['mobilelogin'].forwardLocation.value;

        // send user/id password to check and persist
        if (sendRequest(contextPath, user, pass)) {
             var xmlhttp = getXmlHttp();
             if (!xmlhttp) {
                 return;
             }

             if (xmlhttp.readyState < 4) {
                 xmlhttp.abort();
             }
             // send the lookup request
             xmlhttp.open('GET', lookupLocation, false);
             xmlhttp.send('');

             if(xmlhttp.status != 403 || xmlhttp.status != 404 || xmlhttp.status != 500)
             {
                 var custId = xmlhttp.responseText;
                 custId = custId.trim(); 
                 if(custId != null && custId!='') {
                     document.forms['mobilelogin'].customerId.value = custId.trim();
                     CQ.HTTP.setCookie('sd_customer', custId, CQ.HTTP.externalize('/content/FinanceCorp_mobile/'));
                     document.forms['mobilelogin'].submit();
                     //document.location = forwardLocation;
                 }else{
                     showError(failedLoginMessage);
                     //sendRequest(contextPath + ".html", 'anonymous', 'null');
                 }
             }

        } else {
        
            showError(failedLoginMessage);
            //sendRequest(contextPath + ".html", 'anonymous', 'null');
        }

    } else {
        return true;
    }

    return false;
}

function signout(contextPath) {
    if (navigator.userAgent.indexOf("MSIE") > 0 || navigator.userAgent.indexOf("Firefox") > 0) {

        sendRequest(contextPath, 'anonymous', 'null');
        window.location.reload();
    } else {

        document.location = contextPath + "system/sling/logout.html";
    }
}

Open in new window

0
Comment
Question by:Rio_amazon
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 82

Accepted Solution

by:
leakim971 earned 500 total points
ID: 35198647
staying on the jquery level try this plugin : https://github.com/carhartl/jquery-cookie
0
 
LVL 31

Expert Comment

by:James Murrell
ID: 36434082
This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.
0

Featured Post

Secure Your Active Directory - April 20, 2017

Active Directory plays a critical role in your company’s IT infrastructure and keeping it secure in today’s hacker-infested world is a must.
Microsoft published 300+ pages of guidance, but who has the time, money, and resources to implement? Register now to find an easier way.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I spend far too much time on the web keeping up with the news: politics, the environment, computer stuff, the Experts Exchange. It's never-ending. But many of the most informative web pages are overwhelmed with noise: scrolling banners, flashing tex…
I recently found myself in a Corporate Situation where the client had requested blocking access to any and all websites except his own Domain? Easy? I am sure this would be your answer but their requirement was, this has to be done without using…
Google currently has a new report that is in beta and coming soon to Webmaster Tool accounts. This Micro Tutorial will highlight new features for Google Webmaster Tools.
This Micro Tutorial will demonstrate how to add subdomains to your content reports. This can be very importing in having a site with multiple subdomains.

761 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question