[FASTCGI] Cookie processing in Fast CGI

Tom Bowden charles_thomas at mac.com
Thu Dec 10 14:54:17 EST 2009


I was noticing that output in my fastcgi stuff yesterday.  I use curl  
a lot for transfering between daemons/sysetms/postgres/etc., and I  
had a script that sent data as fields... it surprised me to see the  
Content-Disposition headers... but I can see where it would be common  
code.

There is another thing I learned yesterday from what Jay pointed me  
to (wikipedia).

Apparently every browser window/tab has a property (window.name) that  
can contain up to 32mb of data (like a json structure,etc.).  The  
page recommended that as an alternative to session cookies.  of  
course this is neither here nor there... but it speaks to what I am  
trying to do with this whole system.

I have a context that is maintained in a c++ application/postgres  
that needs to be updated regularly with a context on the browser.   
The cookies are for persistent storage of login/session/context  
identifiers.

With Respect to this common cookie stuff that I am writing;

- I write in linux, using stl.  So I can emulate a lot of the HTTP  
object that the com object is using with maps/vectors.... at least at  
the cookie level.
- when it comes to the cookie jar (CookieContainer class)  
functionality, I usually use a JSON structure/library - and have  
written/acquired json objects in everything (C, C++, postgres,  
javascript (duh), and php).   Since this is C++, and because I would  
get warm fuzzies if others can actually use it -- any problems with  
my favorite package  (jsoncpp -- http://jsoncpp.sourceforge.net) ?

As far as basic structure goes, I'll have an interface class that is  
then inherited by either a cookie object or a Content disposition  
object.  the interface class (which is not a pure interface) will  
implement the container object -- so that the *Container can hold  
both cookies and the 'other' objects that inherit the interface.

Tom




On Dec 9, 2009, at 6:24 PM, Rob Lemley wrote:

> I'd recommend having rfc2109 and rfc2965 handy.
>
> Also note that the Content-Disposition header is very similar to the
> Cookie header, ie would be common code.
>
> Rob
>
>
> Tom Bowden wrote:
>> will post with pleasure.  Thanks!
>>
>> Tom
>>
>> On Dec 9, 2009, at 3:02 PM, Martin Chapman wrote:
>>
>>> Tom,
>>>
>>> It's a little ugly because it's COM and if you convert it to  
>>> FastCGI it
>>> would be cool if you posted it back for the rest of us if you  
>>> can.  The
>>> entire COM implementation is attached.
>>>
>>> General Gist:
>>>
>>> 1. Get the cookie from the env vars.  Should be called HTTP_COOKIE.
>>>
>>> 2. Use a method like the one below to parse the cookie value.
>>>
>>> STDMETHODIMP CCookie::ParseValue(BSTR sCookie)
>>> {
>>>     AFX_MANAGE_STATE(AfxGetStaticModuleState());
>>>
>>>     _bstr_t bstrCookie(sCookie);
>>>     if (bstrCookie.length() == 0)
>>>         return E_INVALIDARG;
>>>
>>>     CString strCookie = (TCHAR*) bstrCookie;
>>>     LPCSTR pEnd = strCookie;
>>>     LPCSTR pStart = strCookie;
>>>     CString name, value;
>>>
>>>     while (*pEnd != '\0')
>>>     {
>>>         while (*pEnd && *pEnd != '=' && *pEnd != '&')
>>>             pEnd++;
>>>
>>>         if (*pEnd == '\0' || *pEnd == '&')
>>>         {
>>>             if (pEnd > pStart)
>>>             {
>>>                 CopyToCString(value, pStart, pEnd);
>>>             }
>>>             put_Value(_bstr_t(value.GetBuffer()));
>>>             if (*pEnd == '&')
>>>             {
>>>                 pEnd++;
>>>                 pStart = pEnd;
>>>                 continue;
>>>             }
>>>             return S_OK;
>>>         }
>>>         else if (*pEnd == '=' )
>>>         {
>>>             if (pEnd > pStart)
>>>             {
>>>                 CopyToCString(name, pStart, pEnd);
>>>             }
>>>             else
>>>             {
>>>                 pEnd++;
>>>                 pStart = pEnd;
>>>                 break;
>>>             }
>>>
>>>             pEnd++;
>>>             pStart = pEnd;
>>>             while (*pEnd && *pEnd != '&' && *pEnd != '=')
>>>                 pEnd++;
>>>             if (pEnd > pStart)
>>>                 CopyToCString(value, pStart, pEnd);
>>>
>>>             AddValue(_bstr_t(name.GetBuffer()),
>>> _bstr_t(value.GetBuffer()));
>>>             if (*pEnd != '\0')
>>>                 pEnd++;
>>>
>>>             pStart = pEnd;
>>>         }
>>>     }
>>>
>>>     return S_OK;
>>> }
>>>
>>> 3. The following func parses a single cookie value and is used in  
>>> the
>>> func
>>> above.
>>>
>>> STDMETHODIMP CCookie::ParseValue(BSTR sCookie)
>>> {
>>>     AFX_MANAGE_STATE(AfxGetStaticModuleState());
>>>
>>>     _bstr_t bstrCookie(sCookie);
>>>     if (bstrCookie.length() == 0)
>>>         return E_INVALIDARG;
>>>
>>>     CString strCookie = (TCHAR*) bstrCookie;
>>>     LPCSTR pEnd = strCookie;
>>>     LPCSTR pStart = strCookie;
>>>     CString name, value;
>>>
>>>     while (*pEnd != '\0')
>>>     {
>>>         while (*pEnd && *pEnd != '=' && *pEnd != '&')
>>>             pEnd++;
>>>
>>>         if (*pEnd == '\0' || *pEnd == '&')
>>>         {
>>>             if (pEnd > pStart)
>>>             {
>>>                 CopyToCString(value, pStart, pEnd);
>>>             }
>>>             put_Value(_bstr_t(value.GetBuffer()));
>>>             if (*pEnd == '&')
>>>             {
>>>                 pEnd++;
>>>                 pStart = pEnd;
>>>                 continue;
>>>             }
>>>             return S_OK;
>>>         }
>>>         else
>>>         if (*pEnd == '=' )
>>>         {
>>>             if (pEnd > pStart)
>>>             {
>>>                 CopyToCString(name, pStart, pEnd);
>>>             }
>>>             else
>>>             {
>>>                 pEnd++;
>>>                 pStart = pEnd;
>>>                 break;
>>>             }
>>>
>>>             pEnd++;
>>>             pStart = pEnd;
>>>             while (*pEnd && *pEnd != '&' && *pEnd != '=')
>>>                 pEnd++;
>>>             if (pEnd > pStart)
>>>                 CopyToCString(value, pStart, pEnd);
>>>
>>>             AddValue(_bstr_t(name.GetBuffer()),
>>> _bstr_t(value.GetBuffer()));
>>>             if (*pEnd != '\0')
>>>                 pEnd++;
>>>
>>>             pStart = pEnd;
>>>         }
>>>     }
>>>
>>>     return S_OK;
>>> }
>>>
>>>
>>> -----Original Message-----
>>> From: fastcgi-developers-bounces 
>>> +chapmanm=pixia.com at mailman.fastcgi.com
>>> [mailto:fastcgi-developers-bounces 
>>> +chapmanm=pixia.com at mailman.fastcgi.com]
>>>
>>> On Behalf Of Tom Bowden
>>> Sent: Wednesday, December 09, 2009 1:18 PM
>>> To: FastCGI Developers
>>> Subject: [FASTCGI] Cookie processing in Fast CGI
>>>
>>> Is there a thread somewhere that talks about parsing cookies -  
>>> or, is
>>> this something that I have to treat like any other header parsing  
>>> task.
>>>
>>> Tom
>>>
>>> _______________________________________________
>>> FastCGI-developers mailing list
>>> FastCGI-developers at mailman.fastcgi.com
>>> http://mailman.pins.net/mailman/listinfo.cgi/fastcgi- 
>>> developers<CookieCollection.h><Cookie.cpp><Cookie.h><CookieCollectio 
>>> n.cpp>
>>>
>>
>> _______________________________________________
>> FastCGI-developers mailing list
>> FastCGI-developers at mailman.fastcgi.com
>> http://mailman.pins.net/mailman/listinfo.cgi/fastcgi-developers
>>
>>
>



More information about the FastCGI-developers mailing list