[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: HTTPAPI to SSL Website
Jon,
Rather than blindly stab at it, get a copy of wireshark and track down what
a "normal" (browser based) session looks like. Than compare that to the
debug log. If you don't find the difference there, you will need to
wireshark the IBM i connection and see what the difference is. It is
probably something simple like not encoding a byte or two of data the way it
is expected.
Let us know how you progress.
Mike Krebs
-----Original Message-----
From: ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx
[mailto:ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx] On Behalf Of Scott Klement
Sent: Thursday, June 26, 2008 1:20 PM
To: HTTPAPI and FTPAPI Projects
Subject: Re: HTTPAPI to SSL Website
The following link is the RFC that describes cookie support (the
"standard" so to speak):
http://www.ietf.org/rfc/rfc2109.txt
It states (in BNF grammar) that the cookie name follows the syntax rules
of a cookie attribute. And it states the following about cookie
attributes: "Attributes (names) (attr) are case-insensitive.".
I also found the following page from Microsoft:
http://msdn.microsoft.com/en-us/library/ms970178.aspx
In the section about the cookie names, it states "Cookie names are NOT
case-sensitive."
Consequently, it shouldn't matter that HTTPAPI is received "JSESSIONID"
and sending "jsessionid". However, I find myself wondering if that's
still the cause of the error. That's one of the constant problems of
developing an HTTP client. If Firefox and IE work a particular way,
then that way is (de-facto) "the right way" even if the standards say
otherwise.
In this case, if those two browsers always return the cookie name in the
same case that it was sent, then it's very possible for folks to write a
web application that relies on the cookie name to be case-sensitive.
And they can "prove" (via testing) that they are "correct" because IE
and Firefox both work properly with their site. Therefore, I'm wrong,
despite that my code conforms to the standards :)
Unfortunately, we don't really know if this is the problem or not at
this point... it's pure speculation on my part.
Scott Klement wrote:
> What I notice in your debug file is that the cookie name is uppercase
> when it's sent to you, and lowercase when it's sent back to the server.
> I wonder if that matters? I'll have to do some research...
>
-----------------------------------------------------------------------
This is the FTPAPI mailing list. To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------
-----------------------------------------------------------------------
This is the FTPAPI mailing list. To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------