[ptt-users] subdomains & jcookie

Tue Mar 27 01:13:12 PST 2007

Ah yes, that will also cause a problem. In fact we have something
similar.

By turning bStrict off (you'll see it in the code for the tailMatch
function), you'll silently ignore cookies that don't match domains. They
still wont get set in the cookieJar so this might still be a problem.
When browsers come across such cookies they just silently ignore them
rather than pester the user about illegal cookies.

The jCookie library is actually functioning correctly- it is illegal to
set a cookie from one domain on another (this would be a big security
problem). But you can turn all that off from within the jCookie library.

To monitor the http/https transactions I wrote my own python
intercepting server. I sent it to Frank earlier. Although some people
here use TamperData for Firefox

Cheers

-Geoff

________________________________

From: users-bounces at lists.pushtotest.com
[mailto:users-bounces at lists.pushtotest.com] On Behalf Of Ernest Semerda
Sent: 27 March 2007 05:58
To: 'TestMaker users list'
Subject: RE: [ptt-users] subdomains & jcookie

Cheers Geoff but I think I may have a larger problem then the TLDs.

For some unknown reason my domain and host change 80% down into the
execution. I can see this change when debugging via jCookie. In the
browser its fine but under Testmaker it isn't :-(. I loose the sub
domain so for example a domain like test.semerda.com becomes
www.semerda.com <http://www.semerda.com/> 

What program do you guys use to monitor the http/https transactions?
I've been using IE HTTP Analyzer.

Oh btw, I've updated the jCookie with the latest ICANN | Top-Level
Domains (gTLDs) (# Version 2007032501, Mon Mar 26 09:07:01 2007 UTC) -
266 current TLDs vs 8 jCookie TLDs. If anyone wants the update jCookie
with the 266 TLDs, the dist can be downloaded here:
http://www.semerda.com/storage/jCookie.jar
<http://www.semerda.com/storage/jCookie.jar>  or build
http://www.semerda.com/storage/jCookie.zip
<http://www.semerda.com/storage/jCookie.zip> 

Regards,

Ernest

________________________________

From: users-bounces at lists.pushtotest.com
[mailto:users-bounces at lists.pushtotest.com] On Behalf Of Geoff Meakin
Sent: Monday, March 26, 2007 7:07 PM
To: TestMaker users list
Subject: RE: [ptt-users] subdomains & jcookie

The mail you refer to is about a tailmatch cookie exception.

This is because the jcookie library defines a list of acceptable host
top-level-domains (TLDs) like com, net, org etc.. It is by no means
extensive!

I solved all these problems for us by editing my own jcookie library and
recompiling it (easy to find the source on the web), with new TLDs. I
also turned bStrict off, because I got fed up of recompiling in the end
:-)

Hope this helps,

Geoff

________________________________

From: users-bounces at lists.pushtotest.com
[mailto:users-bounces at lists.pushtotest.com] On Behalf Of Ernest Semerda
Sent: 25 March 2007 15:43
To: 'TestMaker users list'
Subject: RE: [ptt-users] subdomains & jcookie

Wow! Dejavu - I'm back to my old old problem -
http://cake.pushtotest.com/pipermail/users/2004-October/002230.html

Has there been a solution for it?

I cannot recall what I did 3 years ago to get around this lol

E

________________________________

From: users-bounces at lists.pushtotest.com
[mailto:users-bounces at lists.pushtotest.com] On Behalf Of Ernest Semerda
Sent: Monday, March 26, 2007 12:28 AM
To: users at lists.pushtotest.com
Subject: [ptt-users] subdomains & jcookie

Is anyone else having problems with testing content under a secure
(https) subdomain eg. test.semerda.com and keeping cookies throughout
the session? I don't think my cookies are maintained as the page content
under a secure subdomain never shows up. The content is meant to appear
only when a user is say logged into the system I am testing. I'm not
getting any error messages I'm just assuming that this could be the
cause.

When I manually step through the web page in my IE / Firefox it works
fine so it's not an issue with the service I'm testing.

Anyone else experienced issues with subdiomains and jcookies?

I found this in old messages.

http://cake.pushtotest.com/pipermail/users/2004-January/001736.html

Not getting far tho atm :-(

Cheers,

Ernest

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://cake.pushtotest.com/pipermail/users/attachments/20070327/22500272/attachment.htm