From: Karl Dahlke <eklhad@comcast.net>
To: Edbrowse-dev@lists.the-brannons.com
Subject: [Edbrowse-dev] Accessing fastmail
Date: Sat, 19 Dec 2015 08:24:26 -0500 [thread overview]
Message-ID: <20151119082426.eklhad@comcast.net> (raw)
In-Reply-To: <20151218202619.GA5465@acer.attlocal.net>
Chuck, this sort of error
> There was a session security key mismatch.
is almost certainly a cookie problem.
Websites set cookies that "remember" the session
and if the cookie is not returned in kind the server invalidates the session.
This goes back to another email posted, wherein the login button
has an onsubmit function that sets the cookie,
probably the session cookie described above.
So I imagine this session cookie is not set properly in js,
back to edbrowse, and into curl, or some such.
The cookie code posted seems incompatible with
what the document.cookie settter function expects.
use_classic=1;max-age=604800;expires=Fri, 25 Dec 2015 01:52:50GMT;path=/
All run together no spaces.
However, look through the foldinCookie() function in jseng-moz.cpp.
I think it expects spaces after the semis though that isn't the problem,
it definitely expects a tab between the cookie itself
and the expires path attributes.
In other words, I'm not sure this is netscape cookie format.
1. What can really be fed to document.cookie in js.
2. Did you post this per characters, is this really the string
that foldinCookie has to swallow?
3. If yes then how does it magically know what are cookies
and what are cookie attributes, without the tab?
Again I don't have a login here, but Maybe Kevin and Chuck can answer some of these,
and Chris as our resident cookie expert.
Again, if we fix this problem for this site a lot of other sites
will start working; the session cookie is a very
common strategy on the internet.
Karl Dahlke
next prev parent reply other threads:[~2015-12-19 13:24 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-12-18 20:26 Chuck Hallenbeck
2015-12-19 7:33 ` Chris Brannon
2015-12-19 13:24 ` Karl Dahlke [this message]
2015-12-19 23:07 ` Kevin Carhart
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20151119082426.eklhad@comcast.net \
--to=eklhad@comcast.net \
--cc=Edbrowse-dev@lists.the-brannons.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).