WinInet and SessionCookies - cookies

Hello and good evening to all.
I have my app that uses InternetSetCookie to create (session) cookies needed for its job. However, I want to remove the cookie named, for example, 'badcookie' after each request via
InternetSetCookie("http://www.domain.com", "badcookie", "");
and
InternetSetCookie("http://www.domain.com", NULL, "badcookie=");
but... in the best case it will send the cookie without any value, and that's that.
My question is: how do I completely remove this cookie?
(No, I don't want to make them permanent and call cleanup() 10 times; maybe I would create a thread for each request, but it's awkward if I do it.)

InternetSetCookie("http://domain.com", NULL, "badcookie=bye; expires = Sat,01-Jan-1970 00:00:00 GMT");
This removed the complete txt file with some other cookies inside. Before, I was using www.domain.com and I saw that it was a problem... now I face the same issue as the link you posted (losing more cookies), but my question is answered now.
PS: This works with session cookies too.

My answer isn't 100% complete, but maybe it's a start. I'd suggest setting the expiration of the cookie to be in the past, as this will force the client to clear the cookie. I'm not familiar with WinINET syntax, so maybe someone has a better answer. I'm more of an ASP.NET person - but this article seems to suggest how to expire the cookie.
Based on gaor's response to my initial comment, sounds like there's still a little more work to do to completely fix this. But hopefully this helps and gets someone pointed in the right direction.
Hope this helps!
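
The behaviour discussed in this thread, as an added example that is not part of the original posts: a small JavaScript model of the RFC 6265 storage rules, showing why an empty value leaves the cookie in place while an expiry in the past removes it. It models the RFC, not WinINet's cookie files; the keepme cookie and all function names are constructed for illustration, and only the Expires attribute is handled.

```javascript
// Added example: minimal RFC 6265 cookie store (models the RFC, not WinINet internals).
const MONTHS = ["jan","feb","mar","apr","may","jun","jul","aug","sep","oct","nov","dec"];
// Cookie-date parsing per RFC 6265 section 5.1.1 (range checks omitted).
function parseCookieDate(text) {
  let time, day, month, year, m;
  for (const tok of text.split(/[\x09\x20-\x2F\x3B-\x40\x5B-\x60\x7B-\x7E]+/)) {
    const mon = MONTHS.indexOf(tok.slice(0, 3).toLowerCase());
    if (!time && (m = /^(\d{1,2}):(\d{1,2}):(\d{1,2})(?!\d)/.exec(tok))) time = m.slice(1).map(Number);
    else if (day === undefined && (m = /^\d{1,2}(?!\d)/.exec(tok))) day = Number(m[0]);
    else if (month === undefined && mon >= 0) month = mon;
    else if (year === undefined && (m = /^\d{2,4}(?!\d)/.exec(tok))) year = Number(m[0]);
  }
  if (!time || [day, month, year].includes(undefined)) return null;
  if (year < 70) year += 2000; else if (year < 100) year += 1900;
  return Date.UTC(year, month, day, ...time);
}

// Apply one Set-Cookie string received for `url` (storage model, section 5.3).
function setCookie(store, url, header, now = Date.now()) {
  const { hostname, pathname } = new URL(url);
  const [pair, ...attrs] = header.split(";");
  const eq = pair.indexOf("=");
  if (eq < 1) return store;                          // no cookie name: ignored
  const c = { name: pair.slice(0, eq).trim(), value: pair.slice(eq + 1).trim(), domain: hostname,
              path: pathname.replace(/\/[^/]*$/, "") || "/", expires: Infinity };
  for (const attr of attrs) {
    const [key, ...rest] = attr.split("=");
    if (key.trim().toLowerCase() === "expires") c.expires = parseCookieDate(rest.join("=")) ?? c.expires;
  }
  const id = `${c.domain}|${c.path}|${c.name}`;
  store.delete(id);                                  // same name+domain+path: old cookie is replaced
  if (c.expires > now) store.set(id, c);             // an already-expired cookie is never stored
  return store;
}

// Cookie request header for `url`: host-only domain match plus RFC path match.
function cookieHeader(store, url, now = Date.now()) {
  const { hostname, pathname: p } = new URL(url);
  return [...store.values()].filter(c => c.expires > now && c.domain === hostname &&
      (p === c.path || (p.startsWith(c.path) && (c.path.endsWith("/") || p[c.path.length] === "/"))))
    .map(c => `${c.name}=${c.value}`).join("; ");
}

// Constructed session mirroring the thread: empty value first, then an expiry in the past.
function demo() {
  const store = new Map(), url = "http://www.domain.com/";
  for (const h of ["keepme=1", "badcookie=secret", "badcookie="]) setCookie(store, url, h);
  const afterEmpty = cookieHeader(store, url);
  setCookie(store, url, "badcookie=bye; expires = Sat,01-Jan-1970 00:00:00 GMT");
  return { afterEmpty, afterExpire: cookieHeader(store, url) };
}
```

In this model a deletion only hits the cookie whose name, host and path all match, so an expiry sent for a different host or path leaves the original cookie in the store.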

Related

Saving cookies in Cypress without cy.session()

I am looking for some way to save an exact cookie in Cypress through the whole test case.
I was using
Cypress.Cookies.defaults({ preserve: 'cookie_name' })
and
Cypress.Cookies.preserveOnce('cookie_name')
but this doesn't work anymore. And the new cy.session() is not working for me, because I use custom addresses per user and per new form.
Does anyone know of anything that works better than cy.session()?
The use pattern of cy.session() is a bit opaque, but since it replaces the older cookie config it probably can be made to work.
I have seen a note somewhere that session is likely to be revamped shortly.
Since Cypress.Cookies.preserveOnce('cookie_name') is deprecated but still available, maybe use that until session mark 2 comes along.

Caddy2 pass cookie value from one reverse proxy to another

I need some help working with Caddy2 Server and the Caddyfile.
Some background info:
Let's say I would like to reverse proxy 2 sites named page1.com and page2.com.
So, for example, currently page1.com is visible at localhost:8080/page1 and page2.com is visible at localhost:8080/page2.
Now assume that /page1 gives me a specific cookie named "myCookie" which has some random value in it.
I would like to pass this cookie also to /page2, so I'd have the cookie "myCookie" on both pages.
I know that I can use header_down +Set-Cookie "..." on /page2, but since the value is random, I would need to somehow save the cookie value from /page1 in order to reuse it or pass it to /page2.
And that's where my knowledge reaches its limits, because in every research I did I couldn't find a way to store that value since Caddy2 doesn't seem to support variables.
Does anyone have a clue & is able to help me out with this one?
Thanks in advance!
Best Regards
Furkan
Meanwhile I've found a solution on how to accomplish this and decided to post it up here for someone who also may research for this in the future.
The idea behind that is to change the path of "myCookie" from /page1 to /, so that page2 is also able to access that cookie. I've also renamed that cookie in between just to make it clear that it now isn't only the cookie of /page1.
header_down Set-Cookie "/page1" "/" # this will change the path of the cookie to /
header_down Set-Cookie "myCookie" "ourCookie" # rename the cookie in responses sent to the browser
header_up Cookie "ourCookie" "myCookie" # browsers return cookies in the Cookie request header, so rename it back there

CFWheels: Redirect to URL with Params Hidden

I am using the redirectTo() function with params to redirect to other pages with a query string in the URL. For security purposes this does not look appealing, because the user can change the parameters in the URL, thus altering what is inserted into the database.
My code is:
redirectTo(action="checklist", params="r=#r#&i=#insp#&d=#d#");
Is there any way around this? I am not using forms; I just wish to redirect, and I want the destination action/controller to know what I am passing but not display it in the URL.
You can obfuscate the variables in the URL. CfWheels makes this really easy.
All you have to do is call set(obfuscateURLs=true) in the config/settings.cfm file to turn on URL obfuscation.
I am sure this works with the linkTo() function. I hope it works with the redirectTo() function as well. I do not have a setup to check it now. But if it doesn't work for redirectTo(), you can use the obfuscateParam() and deObfuscateParam() functions to do the job for you.
Caution: This will only make it harder for the user to guess the value. It doesn't encrypt the value.
To know more about this, please read the documentation on configuration and defaults and on obfuscating URLs.
A much better approach to this particular situation is to write params to the flash. The flash is exactly the same thing as it is in Ruby on Rails or the ViewBag in ASP.Net. It stores the data in a session or cookie variable and is deleted at the end of the next page's load. This prevents you from posting back long query strings like someone that has been coding for less than a year. ObfuscateParam only works with numbers and is incredibly insecure. Any power user can easily deobfuscate, even more so with someone that actually makes a living stealing data.

Analytics _setDomainName not working anymore

This suddenly stopped working. We have Google Analytics on our page and a couple of months ago we tweaked the code so that GA's cookies would only be set for www.igre123.com and not its subdomains (we do a redirect from igre123.com to www.igre123.com, so that users are always using www.).
We did this because we have two subdomains that serve static content (css, js, thumbnails, etc.): s.igre123.com and static.igre123.com.
To prevent cookies being set for the subdomains (and only for www.), we modified our GA code to look something like this:
...
_gaq.push(['_setDomainName','www.igre123.com']);
_gaq.push(['_trackPageview']);
...
This did the trick but now it's not working anymore. Anybody have some idea why this stopped working? Unfortunately I don't know when exactly this stopped working :/
edit: tracking otherwise works without a problem.
OK, after much head banging I managed to solve this mystery. Turns out that the order of the _gaq.push([]); calls is relevant. If you have, besides the usual _setAccount and _trackPageview, any other GA calls (like _setCustomVar) that set cookies, you have to tell GA which domain to set cookies for first. Seems obvious in retrospect, but to be fair, that's not really clear from the documentation.
Anyhow, be sure to put the call to _setDomainName first, and then any other GA calls you might have.

rails 3 cookies

I have a simple app where users type in stuff in a text field to get various results. I would like a feature where if a user enters something and then closes the browser tab, the next time they come, I can show them their previous/recent searches. This will persist even if they close the whole browser and open it again.
I believe this can be done with the help of cookies. Are there some good rails3 gems for using cookies or any simple tutorial that could guide me in a direction?
http://railstutorial.org/chapters/sign-in-sign-out#sec:remember_me
This is a great book to get you started with rails3. (I would recommend to read it from the beginning)
In the link above, listing 9.12 gives you a good explanation about cookies.
Store the info in the session object:
session[:user_entry] = the_user_entry
http://guides.rubyonrails.org/action_controller_overview.html#session