Re: cookies as hidden files

I've spent the morning trying to reproduce it on my machine and my brothers, and can't seem to do it. It must have been some kind of coincidence or fluke. Thanks for your help everyone. I'll let you know if I ever figure it out. Denzil --- Bob Showalter <[EMAIL PROTECTED]> wrote: > Whatever p

Re: cookies as hidden files

Denzil Kruse wrote: Well, this is what I witnessed. I'm using a windows computer at home. It is configured to display hidden files. I have a red hat linux server off who knows where that hosts my site. I set up a perl script to set and fetch cookies, and it does so correctly on my computer.

Re: cookies as hidden files

--- Sara <[EMAIL PROTECTED]> wrote: > 1. Are we setting up the proper headers? > > use CGI; > my $q = new CGI; > > print $q->header(-cookie=>$cookie); I think so. I did it this way: my $cookie = new CGI::Cookie(-name=>'name', -value=>"$name",

Re: cookies as hidden files

Well, this is what I witnessed. I'm using a windows computer at home. It is configured to display hidden files. I have a red hat linux server off who knows where that hosts my site. I set up a perl script to set and fetch cookies, and it does so correctly on my computer. But, I went over to a

Re: cookies as hidden files

1. Are we setting up the proper headers? use CGI; my $q = new CGI; print $q->header(-cookie=>$cookie); 2. I am unable to see the -domain => 'foo.com'; 3. On which machine, you are testing? Your Windows (localhost) or a real web server?. I have always experienced problems locating cookies for

Re: cookies as hidden files

On 9/16/05 12:08 AM, "Denzil Kruse" <[EMAIL PROTECTED]> wrote: > Hi all, > > I read through the docs for CGI::Cookie and learned > how to set a cookie. I do it with line: > > my $cookie = new CGI::Cookie(-name=>'name', >-value=>"$name", >

Re: Cookies v. Hiddent Fields

From: "Siegfried Heintze" <[EMAIL PROTECTED]> > What is the difference (as far as security goes) between using a cookie and > a hidden field? Are hidden fields cached if we are using SSL? I think not. > > Both have the same security. A hidden field is simpler to be viewd by a user, but a cracker

Re: Cookies v. Hiddent Fields

> > What is the difference (as far as security goes) between using a cookie and > a hidden field? Are hidden fields cached if we are using SSL? I think not. > > None. Both are wide open. SSL simply encrypts the "pipe" between your server and the client (browser). Everything passing over it, inc

Re: Cookies

is link http://users.easystreet.com/ovid/cgi_course/ -rm- - Original Message - From: "Wiggins d'Anconia" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent: Saturday, September 20, 2003 10:24 AM Subject: Re: Cookies > Alejandro Chavarria -

RE: Cookies

Thanks. I will try that. Alex -Original Message- From: Wiggins d'Anconia [mailto:[EMAIL PROTECTED] Sent: Saturday, September 20, 2003 7:24 AM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: Re: Cookies Alejandro Chavarria - CyPage wrote: > Thanks for your reply Wiggins d

Re: Cookies

essage- From: Wiggins d'Anconia [mailto:[EMAIL PROTECTED] Sent: Thursday, September 18, 2003 6:17 AM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: RE: Cookies On Wed, 17 Sep 2003 20:33:00 -0800, "Alejandro Chavarria - CyPage"

RE: Cookies

On Wed, 17 Sep 2003 20:33:00 -0800, "Alejandro Chavarria - CyPage" <[EMAIL PROTECTED]> wrote: > Hey, > > I have a script and I want to allow an administrator log on to it. Once > logged in they can change things... etc. Basically stuff I don't

Re: cookies with CGI and IE7

"Andrew Brosnan" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > > Anyone having trouble setting or retrieving cookies with CGI.pm and IE7? > > I'm doing: > my $cookie = $q->cookie( -name=> 'session', > -value => $session, >

Re: cookies with CGI and IE7

Andrew Brosnan wrote: Anyone having trouble setting or retrieving cookies with CGI.pm and IE7? I'm doing: my $cookie = $q->cookie( -name=> 'session', -value => $session, -expires => '3h', print $q->header( -cookie => $cookie);

Re: Cookies and mod_perl

Dennis Stout wrote: > Is there any difference in setting cookies between operating under > just general CGI and when using an Apache webserver and mod_perl? By "general CGI", if you mean mod_cgi, then no, there is no difference. > > I got a program I'm writing that generates every page it dishes

Re: Cookies and mod_perl

Dennis Stout wrote: Is there any difference in setting cookies between operating under just general CGI and when using an Apache webserver and mod_perl? I got a program I'm writing that generates every page it dishes out on the fly, dynamically. If I can stay away from doing a use CGI;, I would lov

RE: cookies

> Hello all, > > Can anyone point me to some good doc on how to > create/read/delete cookies? > > Thanks! > Hi Stephen I am new to cookies as well and recently posted a question like this. Here is what I found helpful: Here's a good overview: http://wp.netscape.com/newsref/std/cookie_spec.html

Re: cookies not set

On Sunday, Feb 16, 2003, at 21:54 US/Pacific, uma ramdoss wrote: [..] why when it sends the request to the original server, it sends connection :close header. why is it so. [..] I think that is the 'default' - unless you expressly ask for Connection: keep-alive to request that the connectio

Re: Cookies - might be off topic

Assuming you have control of the domains in question, you could have a "hidden" frame (frameheight=0 or something similar) that loads a script on one of the other domains that then sets it's cookie, and then redirects to the next domain, etc., but even this can be blocked in Mozilla (thank god)

RE: Cookies - might be off topic

AFAIK, browsers will only send cookies back to the domain that set them. So this may not be possible without some sneakerylike somehow spoofing the hostname, etc. It may also be possible if all the domains resolve to the same IP...but even then I'm not sure how you could do it... good luck.

Re: Cookies and IP Addresses

Hi, not sure about the REMOTE_ADDR, I've never had any problems with it. To get an IP from a URI try this: use Socket; $referral_address = $ENV{'HTTP_REFERER'}; $referral_address =~ m#^.*http://([^/]+)/.*$#; $IP = inet_ntoa inet_aton $1; If you want the IP address in hex, just use inet_aton.

Re: cookies

TECTED]> Sent: Wednesday, October 02, 2002 11:04 AM Subject: RE: cookies > Hi Aman, > > I've had exactly the same problem. I strongly suspect it's an IE thing. > I've not found a way round it other than looking at the HTTP_REFERER and > removing cookies from pag

RE: cookies

Hi Aman, I've had exactly the same problem. I strongly suspect it's an IE thing. I've not found a way round it other than looking at the HTTP_REFERER and removing cookies from pages that had not come from my site. R -Original Message- From: aman cgiperl [mailto:[EMAIL PROTECTED]] S

Re: cookies

On Wednesday, October 2, 2002, at 08:26 AM, aman cgiperl wrote: > I am not using CGI.pm I don't mean to be offensive here, but why would you not use a standard Perl module that's only purpose is to make coding CGI easier?! James -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional c

Re: cookies

The URL to the code: http://kleo.net/cookie2.txt

Re: cookies

On Tue, 12 Mar 2002, Matthew Harrison wrote: > #!/usr/bin/perl > > use CGI qw/:standard/; > $q = new CGI; > print header(); > > $cookie = $q->cookie(-name=>'fontsize', >       -value=>'12', >       -expires=>'20s', Matt: You must print the output of CGI.pm to ST

Re: cookies

> "Matthew" == Matthew Harrison <[EMAIL PROTECTED]> writes: Matthew> can someone show me an example of setting and retrieving a cookie using Matthew> CGI.pm. I have tried the following but it won't set a cookie. I have my Matthew> browser set to ask me whether i want to allow the cookies, a

Re: Cookies ...

Polikarpov Cyrill wrote: > I'm working whith perl but I don't know how to work whith cookies. Give > me please some tips for this one ... A good start would probably be to read the documentation of HTTP::Cookies perldoc HTTP::Cookies or http://search.cpan.org/doc/GAAS/libwww-perl-5.63/lib/H

RE: Debugging tips: Re: Cookies stopped working

ne and running the script, it appears to be working correctly. Thank-you for your input. Kirk W. Batzer [EMAIL PROTECTED] -Original Message- From: Curtis Poe [mailto:[EMAIL PROTECTED]] Sent: Wednesday, October 31, 2001 12:34 PM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Cc: [EMAIL PROTECTE

Debugging tips: Re: Cookies stopped working

--- "Kirk W. Batzer" <[EMAIL PROTECTED]> wrote: > I'm attempting to port a perl CGI application > from: "perl, 5.005_02 built for 3446-svr4.0" > to:"perl, v5.6.1 built for sun4-solaris" > > The application uses "cookies" to maintain "state" information. The > following code is successfully

Re: Cookies stopped working

Hi there, Your code looks OK...but first I'd tie the -NAME key to => $your_true_reference and also eliminate the comma after the $user value. It should work that way. Good luck. Marcos >>> "Kirk W. Batzer" <[EMAIL PROTECTED]> 10/30/01 10:38PM >>> I'm attempting to port a perl CGI applicati

RE: Cookies and Security

Joel is right. A "known plaintext" attack is very effective... and sending a sample of you encryption to anyone is risky. Also, just for information sake, you can recover passwords from digest form... sort of. Ever heard of "Crack" or "John the Ripper"? If you enforce strong passwords then it

Re: Cookies and Security

--- Ryan Davis <[EMAIL PROTECTED]> wrote: > OK, I know this is getting a little off-topic, but I think security is a big > issue, especially with newbies like myself, and deserves some good > discussion. Also, there's probably not a perl-cgi-beginners-security list, > nor should there be. > > I l

Re: Cookies and Security

]> To: CGI Beginners <[EMAIL PROTECTED]> Sent: Wednesday, August 08, 2001 12:42 PM Subject: RE: Cookies and Security > --- Joel Hughes <[EMAIL PROTECTED]> wrote: > > Curtis, > > are you sure that sending the digest back to the client in cookie form is a > > good id

RE: Cookies and Security

--- Joel Hughes <[EMAIL PROTECTED]> wrote: > Curtis, > are you sure that sending the digest back to the client in cookie form is a > good idea? > > I mean, if I were a hacker, could I not register and then retrieve the > digest - you then have the plain text and the cipher text. (admittedly you >

RE: Cookies and Security

function. joel -Original Message- From: Curtis Poe [mailto:[EMAIL PROTECTED]] Sent: 08 August 2001 17:38 To: CGI Beginners Subject: Re: Cookies and Security --- Ryan Davis <[EMAIL PROTECTED]> wrote: > First of all, thanks for the quick response. This application isn't in use &g

Re: Cookies and Security

--- Ryan Davis <[EMAIL PROTECTED]> wrote: > First of all, thanks for the quick response. This application isn't in use > yet, so now is the time to make security changes > > A few questions/let me see if I'm following you: > > A user enters their password, I create the digest, and store the dig

Re: Cookies and Security

Ryan Davis wrote: > > First of all, thanks for the quick response. This application isn't in use > yet, so now is the time to make security changes > > A few questions/let me see if I'm following you: > > A user enters their password, I create the digest, and store the digest as a > cookie.

Re: Cookies and Security

the message _out_ of digest form. Thanks, Ryan - Original Message - From: Curtis Poe <[EMAIL PROTECTED]> To: CGI Beginners <[EMAIL PROTECTED]> Sent: Wednesday, August 08, 2001 11:00 AM Subject: Re: Cookies and Security > --- Ryan Davis <[EMAIL PROTECTED]> wrot

Re: Cookies and Security

--- Ryan Davis <[EMAIL PROTECTED]> wrote: > Hey all, > > I have a password protected area, and after the user puts in their password, I store >it in a > cookie, and the CGI reads that cookie every time to determine if the user is logged >in or not. > I figured this was safer than passing a 'lo

Re: Cookies and Security

Your script will be multiply concurrent, will it not? That is, several users may be executing the same [instance of the] script. How are you going to tell them apart? I know CGI.pm retains values from a previous invocation, but have never understood how to differentiate between the separate users

Re: COOKIES AGAIN...

--- Nigel Wetters <[EMAIL PROTECTED]> wrote: > One of our partners ran into a problem with load balancing on IIS. Each server set a >session > cookie, which eventually pushed the useful cookies out of the browser's store. Yet >another > reason why IIS isn't ready for enterprise-level solutions.

Re: cookies

Bradley, When I use: print "$_ - " . $cookie{$_}->value . ""; I get "Can't call method "value" on an undefined value"! Any ideas? Thanks, Jerry "Bradley M. Handy" wrote: > > > -Original Message- > > From: Jerry Preston [mailto:[EMAIL PROTECTED]] > > Sent: Wednesday, July 11, 2001

RE: cookies

> -Original Message- > From: Jerry Preston [mailto:[EMAIL PROTECTED]] > Sent: Wednesday, July 11, 2001 7:29 AM > To: cgi > Subject: cookies > > > Hi! > > I guess I am missing the boat. I have read CGI::Cookie and > played with the code, but I would think that I should be able to > read