inman has asked for the wisdom of the Perl Monks concerning the following question:

Dear Monks

Apologies for the OT nature of this node (but it is affecting a Perl app!)

I am in the process of deploying a Perl web app that makes use of cookies to store user credentials and data. I fully expected that the app could be deployed and running in minutes but I have hit a problem which appears to be caused by the cookie headers not reaching the web server. This is not a situation that I have encountered before and I would be most grateful for your collective wisdom.

The application can be accessed by IP address, DNS name or by a local name set up in the hosts file. The cookies are only being lost when the DNS name is used. To my mind, this points to a network device (firewall, load balancer etc.) that is intercepting the calls to the server and stripping out the headers. Has any other monk encountered a similar issue? The operations people who installed the server don't know whether there is a firewall and haven't been able to talk to the network guys...

Here are the details of the setup:

Many thanks in advance for helpful suggestions!

Inman

Replies are listed 'Best First'.
Re: (OT) Cookies lost in transit
by PodMaster (Abbot) on Nov 24, 2003 at 15:35 UTC
    The application can be accessed by IP address, DNS name or by a local name set up in the hosts file. The cookies are only being lost when the DNS name is used. To my mind, this points to
    How are you constructing the cookie (hello host)? Got any packet capturing software running (get some, capture, compare)?

    MJD says "you can't just make shit up and expect the computer to know what you mean, retardo!"
    I run a Win32 PPM repository for perl 5.6.x and 5.8.x -- I take requests (README).
    ** The third rule of perl club is a statement of fact: pod is sexy.

[reply]

      For tracking client and server headers, I would highly recommend using the Live HTTP Headers plugin for Mozilla. This will show you exactly what the browser is sending to the server, and what the server is sending back.

      Then you can check the same thing on the server side to see if something is different (mod_perl provides the Apache::DumpHeaders module, I am guessing there must be a similar feature avaiable to IIS).

      - Cees

[reply]
Re: (OT) Cookies lost in transit
by eric256 (Parson) on Nov 24, 2003 at 17:35 UTC

    You should check which domain the cookies are claiming to be from. It could be that the cookies are being sent, but because of a wrong domain name they aren't being returned to the server when the user visits the site.


    ___________
    Eric Hodges
[reply]
Re: (OT) Cookies lost in transit
by inman (Curate) on Nov 25, 2003 at 17:03 UTC
    Many thanks to the monks that responded to my plea for help. It transpires that the issue was due to an Internet Explorer feature that I was unaware of. The rest of this node serves as documentation for monks who have a similar issue.

    The server hostname contained an underscore. This is not allowed according to the DNS spec (RFC 2181). IE manages to handle everything else correctly but refuses to process cookies correctly. This gives the appearance that the users browser has been set to 'not accept cookies' when it hasn't.

    I have only investigated this issue using IE6 but other versions of IE may exhibit the same behaviour.

    It's nice to have an answer and know that you are not going mad! A quick DNS update changed the underscore in the hostname to be a hyphen and all was well. Cookies are being passed without issue.

    inman

[reply]

Back to Seekers of Perl Wisdom