[FASTCGI] Cookie processing in Fast CGI
Tom Bowden
charles_thomas at mac.com
Thu Dec 10 14:54:17 EST 2009
I was noticing that output in my fastcgi stuff yesterday. I use curl
a lot for transfering between daemons/sysetms/postgres/etc., and I
had a script that sent data as fields... it surprised me to see the
Content-Disposition headers... but I can see where it would be common
code.
There is another thing I learned yesterday from what Jay pointed me
to (wikipedia).
Apparently every browser window/tab has a property (window.name) that
can contain up to 32mb of data (like a json structure,etc.). The
page recommended that as an alternative to session cookies. of
course this is neither here nor there... but it speaks to what I am
trying to do with this whole system.
I have a context that is maintained in a c++ application/postgres
that needs to be updated regularly with a context on the browser.
The cookies are for persistent storage of login/session/context
identifiers.
With Respect to this common cookie stuff that I am writing;
- I write in linux, using stl. So I can emulate a lot of the HTTP
object that the com object is using with maps/vectors.... at least at
the cookie level.
- when it comes to the cookie jar (CookieContainer class)
functionality, I usually use a JSON structure/library - and have
written/acquired json objects in everything (C, C++, postgres,
javascript (duh), and php). Since this is C++, and because I would
get warm fuzzies if others can actually use it -- any problems with
my favorite package (jsoncpp -- http://jsoncpp.sourceforge.net) ?
As far as basic structure goes, I'll have an interface class that is
then inherited by either a cookie object or a Content disposition
object. the interface class (which is not a pure interface) will
implement the container object -- so that the *Container can hold
both cookies and the 'other' objects that inherit the interface.
Tom
On Dec 9, 2009, at 6:24 PM, Rob Lemley wrote:
> I'd recommend having rfc2109 and rfc2965 handy.
>
> Also note that the Content-Disposition header is very similar to the
> Cookie header, ie would be common code.
>
> Rob
>
>
> Tom Bowden wrote:
>> will post with pleasure. Thanks!
>>
>> Tom
>>
>> On Dec 9, 2009, at 3:02 PM, Martin Chapman wrote:
>>
>>> Tom,
>>>
>>> It's a little ugly because it's COM and if you convert it to
>>> FastCGI it
>>> would be cool if you posted it back for the rest of us if you
>>> can. The
>>> entire COM implementation is attached.
>>>
>>> General Gist:
>>>
>>> 1. Get the cookie from the env vars. Should be called HTTP_COOKIE.
>>>
>>> 2. Use a method like the one below to parse the cookie value.
>>>
>>> STDMETHODIMP CCookie::ParseValue(BSTR sCookie)
>>> {
>>> AFX_MANAGE_STATE(AfxGetStaticModuleState());
>>>
>>> _bstr_t bstrCookie(sCookie);
>>> if (bstrCookie.length() == 0)
>>> return E_INVALIDARG;
>>>
>>> CString strCookie = (TCHAR*) bstrCookie;
>>> LPCSTR pEnd = strCookie;
>>> LPCSTR pStart = strCookie;
>>> CString name, value;
>>>
>>> while (*pEnd != '\0')
>>> {
>>> while (*pEnd && *pEnd != '=' && *pEnd != '&')
>>> pEnd++;
>>>
>>> if (*pEnd == '\0' || *pEnd == '&')
>>> {
>>> if (pEnd > pStart)
>>> {
>>> CopyToCString(value, pStart, pEnd);
>>> }
>>> put_Value(_bstr_t(value.GetBuffer()));
>>> if (*pEnd == '&')
>>> {
>>> pEnd++;
>>> pStart = pEnd;
>>> continue;
>>> }
>>> return S_OK;
>>> }
>>> else if (*pEnd == '=' )
>>> {
>>> if (pEnd > pStart)
>>> {
>>> CopyToCString(name, pStart, pEnd);
>>> }
>>> else
>>> {
>>> pEnd++;
>>> pStart = pEnd;
>>> break;
>>> }
>>>
>>> pEnd++;
>>> pStart = pEnd;
>>> while (*pEnd && *pEnd != '&' && *pEnd != '=')
>>> pEnd++;
>>> if (pEnd > pStart)
>>> CopyToCString(value, pStart, pEnd);
>>>
>>> AddValue(_bstr_t(name.GetBuffer()),
>>> _bstr_t(value.GetBuffer()));
>>> if (*pEnd != '\0')
>>> pEnd++;
>>>
>>> pStart = pEnd;
>>> }
>>> }
>>>
>>> return S_OK;
>>> }
>>>
>>> 3. The following func parses a single cookie value and is used in
>>> the
>>> func
>>> above.
>>>
>>> STDMETHODIMP CCookie::ParseValue(BSTR sCookie)
>>> {
>>> AFX_MANAGE_STATE(AfxGetStaticModuleState());
>>>
>>> _bstr_t bstrCookie(sCookie);
>>> if (bstrCookie.length() == 0)
>>> return E_INVALIDARG;
>>>
>>> CString strCookie = (TCHAR*) bstrCookie;
>>> LPCSTR pEnd = strCookie;
>>> LPCSTR pStart = strCookie;
>>> CString name, value;
>>>
>>> while (*pEnd != '\0')
>>> {
>>> while (*pEnd && *pEnd != '=' && *pEnd != '&')
>>> pEnd++;
>>>
>>> if (*pEnd == '\0' || *pEnd == '&')
>>> {
>>> if (pEnd > pStart)
>>> {
>>> CopyToCString(value, pStart, pEnd);
>>> }
>>> put_Value(_bstr_t(value.GetBuffer()));
>>> if (*pEnd == '&')
>>> {
>>> pEnd++;
>>> pStart = pEnd;
>>> continue;
>>> }
>>> return S_OK;
>>> }
>>> else
>>> if (*pEnd == '=' )
>>> {
>>> if (pEnd > pStart)
>>> {
>>> CopyToCString(name, pStart, pEnd);
>>> }
>>> else
>>> {
>>> pEnd++;
>>> pStart = pEnd;
>>> break;
>>> }
>>>
>>> pEnd++;
>>> pStart = pEnd;
>>> while (*pEnd && *pEnd != '&' && *pEnd != '=')
>>> pEnd++;
>>> if (pEnd > pStart)
>>> CopyToCString(value, pStart, pEnd);
>>>
>>> AddValue(_bstr_t(name.GetBuffer()),
>>> _bstr_t(value.GetBuffer()));
>>> if (*pEnd != '\0')
>>> pEnd++;
>>>
>>> pStart = pEnd;
>>> }
>>> }
>>>
>>> return S_OK;
>>> }
>>>
>>>
>>> -----Original Message-----
>>> From: fastcgi-developers-bounces
>>> +chapmanm=pixia.com at mailman.fastcgi.com
>>> [mailto:fastcgi-developers-bounces
>>> +chapmanm=pixia.com at mailman.fastcgi.com]
>>>
>>> On Behalf Of Tom Bowden
>>> Sent: Wednesday, December 09, 2009 1:18 PM
>>> To: FastCGI Developers
>>> Subject: [FASTCGI] Cookie processing in Fast CGI
>>>
>>> Is there a thread somewhere that talks about parsing cookies -
>>> or, is
>>> this something that I have to treat like any other header parsing
>>> task.
>>>
>>> Tom
>>>
>>> _______________________________________________
>>> FastCGI-developers mailing list
>>> FastCGI-developers at mailman.fastcgi.com
>>> http://mailman.pins.net/mailman/listinfo.cgi/fastcgi-
>>> developers<CookieCollection.h><Cookie.cpp><Cookie.h><CookieCollectio
>>> n.cpp>
>>>
>>
>> _______________________________________________
>> FastCGI-developers mailing list
>> FastCGI-developers at mailman.fastcgi.com
>> http://mailman.pins.net/mailman/listinfo.cgi/fastcgi-developers
>>
>>
>
More information about the FastCGI-developers
mailing list