damn cookies...

d_i_r_t_y has asked for the wisdom of the Perl Monks concerning the following question:

a simple question for those with a keener mind or eye than i...

why don't any of my browsers receive a cookie from the following?

...."business logic"....
        my $cookie = get_session_cookie();
        print $cgi->header(
            #-Refresh => "3; $PAGE_AFTER_LOGON",
            -type => 'text/html',
            -cookie => $cookie
        );
.... remainder of page ....

sub get_session_cookie
{
    return unless $SessionID;

    my $cookie = $cgi->cookie(
        -name       =>  'session_id',
        -value      =>  $SessionID,
        -path       =>  '/',
        -expires    =>  '+4h',
        -domain     =>  '.some.domain',
    );
    warn "created session cookie: $cookie";

    return $cookie;
}
[download]

the session cookie when printed in the logs looks like:
session_id=461a3a75dd; domain=.some.domain; path=/; expires=Mon, 12-Mar-2001 06:42:29 GMT

any ideas? my browsers ( netscape 4.7, linux; konqueror from kde2.1) are both set up to report and accept cookies...

this is getting really frustrating...

thanks, d_i_r_t_y

Comment on damn cookies... Select or Download Code

Replies are listed 'Best First'.
Re: damn cookies... by fpi (Monk) on Mar 11, 2001 at 13:01 UTC
For the sake of troubleshooting, first remove the "path", "expires", and "domain" settings, and then try it again. That way you can see if you can at least set the basic name and value of the cookie. The domain and path are set for the most part as a security or control, to restrict which sites can read the cookie. If you don't specify the domain/path, I believe it will just default to the domain of the site. If you don't specify an expire time, I believe your browser will default to the duration that the browser process remains active. Or you can do what I do and set and read the cookies manually and not use CGI.pm. While that may be against some people's rules, I feel more control in certain complex sites and it is easier for me to understand.	[reply]
(tye)Re: damn cookies... by tye (Sage) on Mar 11, 2001 at 09:57 UTC
Just a guess, but are you not connecting via a .some.domain address? - tye (but my friends call me "Tye")	[reply]
Re: damn cookies... by sutch (Curate) on Mar 12, 2001 at 03:42 UTC
My guess is that it is related to the domain. I have run into similar problems, though with Netscape, of not accepting cookies when the domain isn't just right. For example, cookies missing the initial "." are sometimes not accepted. Also, if you are requesting the content through differnet domain (ie, a virtual domain) the browser will not accept the cookie.	[reply]
Re: damn cookies... by lachoy (Parson) on Mar 12, 2001 at 06:48 UTC
You don't mention it: are you sure the browsers you're testing with are actually getting the cookies? Look at the actual headers returned by your application -- I've found wsnitch to be an invaluable application for this, although if you can do so just using `telnet myhost 80` and typing in the request by hand is easier. (Using LWP for this is, of course, always an option :-) Another thing: what happens when you do something like: `my $header = $cgi->header( -type => 'text/html', -cookie => $cookie ); warn "Header sent to client:\n<<$header>>\n"; print $header;` [download] Just so you can be absolutely certain that the browser is getting the right header. I've been bitten by this more times than I can count :-) Chris M-x auto-bs-mode	[reply] [d/l] [select]
Re: Re: damn cookies... by d_i_r_t_y (Monk) on Mar 12, 2001 at 08:31 UTC
i did this... telnet'ed to port 80 and grep'ed the returned html by eye... the cookies were there... i finally nailed the problem down to the browser -- for some odd reason netscape didn't like the domain and/or the path arguments, since removing the domain argument made everything work out just swell. thanks to fpi for his/her suggestion -- trimming back the arguments to the CGI::cookie method to just the -name and -value parameters when troubleshooting is the way to go. (bolded to indicate importance for the skimmers amongst us ;-) ) d_i_r_t_y	[reply]