search

lnln1111 / gappproxy

Automatically exported from code.google.com/p/gappproxy
GNU General Public License v3.0
0 stars 1 forks source link

解决多个 Set-Cookie 记录问题 #13

Open GoogleCodeExporter opened 9 years ago

GoogleCodeExporter commented 9 years ago 
GAPPProxy 目前对 Cookie 的处理有一些问题,主要出在对 header 
中的多个
Set-Cookie 域处理错误。

举例,当服务器返回的 header 中有多个 Set-Cookie 
域时,比如一般的 wordpress
返回的 header 中,Set-Cookie 域至少有三个:

Set-Cookie:
wordpress_776c41a2fee8d137928f3750eb1f0736=admin%7C1247298611%7C8b89cfc801618539
57182ddfc481cd72;
path=/wp-content/plugins; httponly
Set-Cookie:
wordpress_776c41a2fee8d137928f3750eb1f0736=admin%7C1247298611%7C8b89cfc801618539
57182ddfc481cd72;
path=/wp-admin; httponly
Set-Cookie:
wordpress_logged_in_776c41a2fee8d137928f3750eb1f0736=admin%7C1247298611%7C545dce
a44d5e69aec5c1203c64bee061;
path=/; httponly

GAPPProxy 会把它作为一个串传给本地浏览器:
Set-Cookie:
wordpress_776c41a2fee8d137928f3750eb1f0736=admin%7C1247298611%7C8b89cfc801618539
57182ddfc481cd72;
path=/wp-content/plugins; httponly,
wordpress_776c41a2fee8d137928f3750eb1f0736=admin%7C1247298611%7C8b89cfc801618539
57182ddfc481cd72;
path=/wp-admin; httponly,
wordpress_logged_in_776c41a2fee8d137928f3750eb1f0736=admin%7C1247298611%7C545dce
a44d5e69aec5c1203c64bee061;
path=/; httponly

这样本地浏览器对 Cookie 
的设置就会错误。解决办法很简单,将这个长串用
split(', ')切开,同样设置三个 Set-Cookie 域即可。

Patch:

Index: proxy.py
===================================================================
--- proxy.py    (revision 92)
+++ proxy.py    (working copy)
@@ -237,6 +237,11 @@
             (name, _, value) = line.partition(':')
             name = name.strip()
             value = value.strip()
+            if name == 'Set-Cookie':
+              value_list = value.split(', ')
+              for value in value_list:
+                self.send_header(name, value)
+              continue
             self.send_header(name, value)
             # check Content-Type
             if name.lower() == 'content-type':

Original issue reported on code.google.com by solrex on 9 Jul 2009 at 8:38

GoogleCodeExporter commented 9 years ago 
当服务器返回的 header 中有多个 Set-Cookie 域时,比如一般的 
wordpress 返回的 header
中,Set-Cookie 域至少有三个,GAPPProxy 
会把它作为一个串传给本地浏览器。
---------------------------
Confirmed, it's indeed a bug.

解决办法很简单,将这个长串用 split(', 
')切开,同样设置三个 Set-Cookie 域即可。
---------------------------
"," is a valid character in cookie. for instance:

wordpress=lovelywcm%7C1248344625%7C26c45bab991dcd0b1f3bce6ae6c78c92; 
expires=Thu,
23-Jul-2009 10:23:45 GMT; path=/wp-content/plugins; domain=.wordpress.com; 
httponly

split(', ') would result in another bug.

Original comment by lovelywcm on 10 Jul 2009 at 1:53

GoogleCodeExporter commented 9 years ago 
"," is a valid character in cookie. for instance:

wordpress=lovelywcm%7C1248344625%7C26c45bab991dcd0b1f3bce6ae6c78c92; 
expires=Thu,
23-Jul-2009 10:23:45 GMT; path=/wp-content/plugins; domain=.wordpress.com; 
httponly

split(', ') would result in another bug.
--------------------------------------------
OK. Then we have to work on the server side...;)

Original comment by solrex on 10 Jul 2009 at 2:58

GoogleCodeExporter commented 9 years ago 
A update patch to fix this bug:

Index: fetch.py
===================================================================
--- fetch.py    (revision 92)
+++ fetch.py    (working copy)
@@ -29,6 +29,7 @@
 from google.appengine.ext import webapp
 from google.appengine.api import urlfetch
 from google.appengine.api import urlfetch_errors
+import re
 # from accesslog import logAccess

@@ -153,14 +154,12 @@
             if header.strip().lower() in self.HtohHdrs:
                 # don't forward
                 continue
-            ## there may have some problems on multi-cookie process in 
urlfetch.
-            #if header.lower() == 'set-cookie':
-            #    logging.info('O %s: %s' % (header, resp.headers[header]))
-            #    scs = resp.headers[header].split(',')
-            #    for sc in scs:
-            #        logging.info('N %s: %s' % (header, sc.strip()))
-            #        self.response.out.write('%s: %s\r\n' % (header, 
sc.strip()))
-            #    continue
+            # there may have some problems on multi-cookie process in urlfetch.
+            if header.lower() == 'set-cookie':
+                scs = re.sub(r', ([^;]+=)', r'\n\1', 
resp.headers[header]).split('\n')
+                for sc in scs:
+                    self.response.out.write('%s: %s\r\n' % (header, 
sc.strip()))
+                continue
             # other
             self.response.out.write('%s: %s\r\n' % (header, resp.headers[header]))
             # check Content-Type

Original comment by solrex on 10 Jul 2009 at 5:18

GoogleCodeExporter commented 9 years ago 
Update:

To avoid ', ' appears near the end of a cookie line, 

scs = re.sub(r', ([^;]+=)', r'\n\1', resp.headers[header]).split('\n')

should be modified to:

scs = re.sub(r', ([^,;]+=)', r'\n\1', resp.headers[header]).split('\n')

Original comment by solrex on 10 Jul 2009 at 6:23

GoogleCodeExporter commented 9 years ago 
Add a patched fetch.py file for ease of use.

Original comment by solrex on 10 Jul 2009 at 6:56

Attachments:

GoogleCodeExporter commented 9 years ago 
我也遇到过类似情形,nokia 
s40系统只能获取到单行的Set-Cookie信息。

单行Set-Cookie设置多个cookie信息,他们之间的分割符采用的是�
��么,是\n么?
我使用\n会报错,最后用的是\r。

Original comment by bit.kevin on 18 Aug 2009 at 7:18

GoogleCodeExporter commented 9 years ago 
修改上传以后,facebook还是有问题啊

Original comment by imcap...@gmail.com on 11 Oct 2009 at 1:09

GoogleCodeExporter commented 9 years ago 
都到现在了 还没有一个完美的解决方案吗?真让人头疼
那些修改过的补丁我也试过 但是依然出现很多问题

Original comment by LHW...@gmail.com on 24 Oct 2009 at 2:35

GoogleCodeExporter commented 9 years ago 
试用solrex2上传到服务端,用webkit内核的浏览器登陆twitter没问
题。

Original comment by ke.ker...@gmail.com on 20 Nov 2009 at 5:39

GoogleCodeExporter commented 9 years ago 
我用了新的fetch.py依然无法登录twitter

Original comment by ge.xiny...@gmail.com on 28 Jan 2010 at 2:36

GoogleCodeExporter commented 9 years ago 
用了新的fetch.py后可以登录twitter。
继续测试facebook

Original comment by fwj...@gmail.com on 28 Jan 2010 at 10:33

GoogleCodeExporter commented 9 years ago 
twitter facebook登录都可以。 
在浏览器里排除一些不需要代理的外国网站,还可以玩facebook
的网页flash游戏,效果不错

Original comment by fwj...@gmail.com on 29 Jan 2010 at 1:31

GoogleCodeExporter commented 9 years ago 
my patch
--- fetch.py    2010-03-03 11:30:41.000000000 +0800
+++ fetch.py    2010-03-03 11:30:21.000000000 +0800
@@ -156,13 +156,14 @@
                 # don't forward
                 continue
             ## there may have some problems on multi-cookie process in urlfetch.
-            #if header.lower() == 'set-cookie':
-            #    logging.info('O %s: %s' % (header, resp.headers[header]))
-            #    #scs = resp.headers[header].split(',')
-            #    for sc in scs:
-            #        logging.info('N %s: %s' % (header, sc.strip()))
-            #        self.response.out.write('%s: %s\r\n' % (header, 
sc.strip()))
-            #    continue
+            if header.lower() == 'set-cookie':
+                logging.info('O %s: %s' % (header, resp.headers[header]))
+                #scs = resp.headers[header].split(',')
+                scs = re.split('(?<!Mon|Tue|Wed|Thu|Fri|Sat|Sun), ', 
resp.headers[header])
+                for sc in scs:
+                    logging.info('N %s: %s' % (header, sc.strip()))
+                    self.response.out.write('%s: %s\r\n' % (header, 
sc.strip()))
+                continue
             # other
             self.response.out.write('%s: %s\r\n' % (header, resp.headers[header]))
             # check Content-Type

Original comment by xlam...@gmail.com on 3 Mar 2010 at 5:50

GoogleCodeExporter commented 9 years ago 
xlambda's patch is working!LOL

Original comment by cxfksw...@gmail.com on 30 May 2010 at 7:11

GoogleCodeExporter commented 9 years ago 
用了那个9.7k的fetch.py 还是无法正常登陆facebook & twitter。 
期望有人能早日做出解决这个bug的新版本程序

Original comment by davidwan...@gmail.com on 17 Jun 2010 at 9:42

GoogleCodeExporter commented 9 years ago 
#15 try http://zi.mu/kst, upload gae_server with SDUpload

Original comment by www.eh...@gmail.com on 17 Jun 2010 at 2:28

GoogleCodeExporter commented 9 years ago 
Thanks for upstairs, but I don't know how to download anything from the site 
you leave to me. If possible, could you please sent the new version of py file 
to my email: davidwangxizhi@gamil.com 
Thank you so much.

Original comment by davidwan...@gmail.com on 27 Jun 2010 at 5:31

GoogleCodeExporter commented 9 years ago 
[deleted comment]
GoogleCodeExporter commented 9 years ago 
This patch solves problem that multi-Set-Cookie which a following cookie name 
start with number(0~9) will be returned together in version 113.

Index: fetch.py
===================================================================
--- fetch.py    (版本 113)
+++ fetch.py    (工作副本)
@@ -167,8 +167,8 @@
                 for sc in scs:
                     if nsc == "":
                         nsc = sc
-                    elif re.match(r"[ \t]*[0-9]", sc):
-                        # expires 2nd part
+                    elif nsc[-3:] in 
("Mon","Tue","Wed","Thu","Fri","Sat","Sun"):
+                       # expires 2nd part
                         nsc += "," + sc
                     else:
                         # new one

Original comment by cff29...@gmail.com on 19 Jan 2011 at 1:04