From simkoc at postfach.it Sun Dec 9 17:15:08 2012 From: simkoc at postfach.it (Simon Koch) Date: Sun, 9 Dec 2012 18:15:08 +0100 (CET) Subject: [drakma-devel] error while parsing set cookie containing httponly & secure Message-ID: <41932.88.134.28.142.1355073308.squirrel@www.infininet.de> When parsing this Set-Cookie line: Set-Cookie: shssl=4058628; path=/; secure; HttpOnly The resulting Cookie is: # Which misses both features: 'HttpOnly' and 'secure'. I traced the bug down to 'parse-set-cooie' which returns (("Set-Cookie: shssl" "4058628" (("path" . "/") ("secure; HttpOnly")))) instead of (("Set-Cookie: shssl" "4058628" (("path" . "/") ("secure") ("HttpOnly")))) As far as I understood the code the problem is caused by 'read-name-value-pairs' of chunga. I am using chunga 1.1.1 and drakma 1.2.9 Is this a already known bug/problem? From hans.huebner at gmail.com Sun Dec 9 17:44:14 2012 From: hans.huebner at gmail.com (=?ISO-8859-1?Q?Hans_H=FCbner?=) Date: Sun, 9 Dec 2012 18:44:14 +0100 Subject: [drakma-devel] error while parsing set cookie containing httponly & secure In-Reply-To: <41932.88.134.28.142.1355073308.squirrel@www.infininet.de> References: <41932.88.134.28.142.1355073308.squirrel@www.infininet.de> Message-ID: Simon, thank you for your report. It is not a known problem. I'd be grateful if you could open a github issue (https://github.com/edicl/drakma/issues). From glancing at your description, it seems to me that this is indeed a bug that should be fixed. Thanks, Hans On Sun, Dec 9, 2012 at 6:15 PM, Simon Koch wrote: > When parsing this Set-Cookie line: > > Set-Cookie: shssl=4058628; path=/; secure; HttpOnly > > The resulting Cookie is: > > # > > Which misses both features: 'HttpOnly' and 'secure'. > > I traced the bug down to 'parse-set-cooie' which returns > (("Set-Cookie: shssl" "4058628" (("path" . "/") ("secure; HttpOnly")))) > > instead of (("Set-Cookie: shssl" "4058628" (("path" . "/") ("secure") > ("HttpOnly")))) > > As far as I understood the code the problem is caused by > 'read-name-value-pairs' of chunga. > > I am using chunga 1.1.1 and drakma 1.2.9 > > Is this a already known bug/problem? > > > _______________________________________________ > drakma-devel mailing list > drakma-devel at common-lisp.net > http://lists.common-lisp.net/cgi-bin/mailman/listinfo/drakma-devel From simkoc at postfach.it Sun Dec 9 18:00:07 2012 From: simkoc at postfach.it (Simon Koch) Date: Sun, 9 Dec 2012 19:00:07 +0100 (CET) Subject: [drakma-devel] error while parsing set cookie containing httponly & secure In-Reply-To: References: <41932.88.134.28.142.1355073308.squirrel@www.infininet.de> Message-ID: <42459.88.134.28.142.1355076007.squirrel@www.infininet.de> I did: https://github.com/edicl/drakma/issues/24 I also got a crude fix for the problem by adding those two functions: (defun clean-string (string of) "cleans a given string of of by exploding them and concatenating the resulting list using consing" (labels ((clean (sequence) (if sequence (if (char= (car sequence) of) (clean (cdr sequence)) (cons (car sequence) (clean (cdr sequence)))) nil))) (coerce (clean (coerce string 'list)) 'string))) (defun fix-parameters (parameters) "goes through the given parameterlist an checks whether seperated parameters are in one parameterpair cons for then seperating them and cleaning them of #\; and #\SPACE" (if parameters (if (find #\; (caar parameters)) (cons (cons (subseq (caar parameters) 0 (position #\; (caar parameters))) nil) (cons (cons (clean-string (clean-string (subseq (caar parameters) (position #\; (caar parameters))) #\;) #\ ) nil) (fix-parameters (cdr parameters)))) (cons (car parameters) (fix-parameters (cdr parameters)))) nil)) and modifying parse-set-cookie: (defun parse-set-cookie (string) "Parses the `Set-Cookie' header line STRING and returns a list of three-element lists where each one contains the name of the cookie, the value of the cookie, and an attribute/value list for the optional cookie parameters." (let ((*current-error-message* (format nil "While parsing cookie header ~S:" string)) result) (dolist (substring (split-set-cookie-string string)) (with-sequence-from-string (stream substring) (let* ((name/value (read-name-value-pair stream :cookie-syntax t)) (parameters (read-name-value-pairs stream :value-required-p nil :cookie-syntax t))) (push (list (car name/value) (cdr name/value) (fix-parameters parameters)) result)))) (nreverse result))) But as the problem seems to be the chunga function, I'd rather isolate and fix the bug there instead of adding some compensating code in drakma. Am So, 9.12.2012, 18:44, schrieb Hans H?bner: > Simon, > > thank you for your report. It is not a known problem. I'd be > grateful if you could open a github issue > (https://github.com/edicl/drakma/issues). From glancing at your > description, it seems to me that this is indeed a bug that should be > fixed. > > Thanks, > Hans > > On Sun, Dec 9, 2012 at 6:15 PM, Simon Koch wrote: >> When parsing this Set-Cookie line: >> >> Set-Cookie: shssl=4058628; path=/; secure; HttpOnly >> >> The resulting Cookie is: >> >> # >> >> Which misses both features: 'HttpOnly' and 'secure'. >> >> I traced the bug down to 'parse-set-cooie' which returns >> (("Set-Cookie: shssl" "4058628" (("path" . "/") ("secure; HttpOnly")))) >> >> instead of (("Set-Cookie: shssl" "4058628" (("path" . "/") ("secure") >> ("HttpOnly")))) >> >> As far as I understood the code the problem is caused by >> 'read-name-value-pairs' of chunga. >> >> I am using chunga 1.1.1 and drakma 1.2.9 >> >> Is this a already known bug/problem? >> >> >> _______________________________________________ >> drakma-devel mailing list >> drakma-devel at common-lisp.net >> http://lists.common-lisp.net/cgi-bin/mailman/listinfo/drakma-devel > > _______________________________________________ > drakma-devel mailing list > drakma-devel at common-lisp.net > http://lists.common-lisp.net/cgi-bin/mailman/listinfo/drakma-devel > > From hans.huebner at gmail.com Sun Dec 9 21:04:32 2012 From: hans.huebner at gmail.com (=?ISO-8859-1?Q?Hans_H=FCbner?=) Date: Sun, 9 Dec 2012 22:04:32 +0100 Subject: [drakma-devel] Drakma documentation overhaul Message-ID: Hi, while fixing some bugs in Drakma recently, I was notified that the documentation and the docstrings were not matching well anymore. I have decided to overhaul the documentation, and in the process of that, I also made some source changes. There will be more changes soon, so you may experience instabilities when you're using the master branch from github. Comments regarding the documentation would be very welcome, I have put a version up for review at http://netzhansa.com/drakma.html Thanks, Hans From hans.huebner at gmail.com Sun Dec 9 21:41:01 2012 From: hans.huebner at gmail.com (=?ISO-8859-1?Q?Hans_H=FCbner?=) Date: Sun, 9 Dec 2012 22:41:01 +0100 Subject: [drakma-devel] error while parsing set cookie containing httponly & secure In-Reply-To: <42459.88.134.28.142.1355076007.squirrel@www.infininet.de> References: <41932.88.134.28.142.1355073308.squirrel@www.infininet.de> <42459.88.134.28.142.1355076007.squirrel@www.infininet.de> Message-ID: Simon, I fixed this in Chunga, the new release is 1.1.2. If you could give it a try and let me know if things work better now, I'd appreciate it. Thanks, Hans