Download Client Interaction: Browser Redirection and Cookies and more Lab Reports Information Technology in PDF only on Docsity!
Client Interaction
Browser Redirection:
Rather than produce a document directly, a browser can be redirected elsewhere. This can be done by redirecting via a static link or automatically by command to the browser. The redirect() function redirects the browser to a different URL. If you use redirection like this, you should not print out a header as well. You should always use full URLs (including the http: or ftp: part) in redirection requests; relative URLs will not work correctly. Static link: Exercise138: use strict; use CGI qw(:all); use CGI::Carp qw(warningsToBrowser fatalsToBrowser); print header; print start_html; print 'Click here'; print end_html; Redirection - old way: Exercise139: use strict; my $url="http://www.oakton.edu/~rjtaylor"; print "Location: $url\n\n"; New way: Exercise140: use strict; use CGI qw(:all); use CGI::Carp qw(warningsToBrowser fatalsToBrowser); my $url="http://www.oakton.edu/~rjtaylor"; print redirect("$url"); Exercise141: use strict; use CGI qw(:all); use CGI::Carp qw(warningsToBrowser fatalsToBrowser); my $url="http://www.oakton.edu/~rjtaylor"; print redirect(-uri=>$url); Note the difference between exercises 140 and 141 in format and results.
Cookies
HTTP is a stateless protocol. Stateless protocols retain no memory of past activity, they know only the current “state”. This makes site tracking difficult. Cookies provide a way to maintain information from one HTTP request to the next. CGI.pm has several methods that support cookies. A cookie is a name=value pair like the named parameters in a CGI query string. CGI server scripts create one or more cookies and send them to the browser in the HTTP header. The browser maintains a list of cookies that belong to a particular Web server on disk, and returns them to the CGI script during subsequent interactions. A client may hold a maximum of 300 cookies and a single server may give 20 cookies to a client. Cookies can be 4 kilobytes each, including the name and data, so at most a visitor's hard disk may have 1.2 megabytes of hard disk being used to store cookies. In addition, cookie data may only be written to one file. Cookies are set using a Set-cookie: HTTP header with 5 possible fields separated with a semicolon and a space. These fields are: cookie-name=cookie-value; - name of the cookie and its value. The name and the value combined must be less than 4 kilobytes in length. exiration=exiration-date; - the date the cookie will be deleted from the cookie file. You can delete a previously set cookie ahead of schedule, by creating a second cookie with the same name, path, and domain, but with an expiration date in the past. path=cookie-path; - Combines with the domain name to determine when a browser should show a cookie to the server. domain=server-domain; - Used to determine when a browser should show a cookie to the server. Usually, cookies are created with the web server's name without the www. For example, .oakton.edu instead of www.oakton.edu. Notice that the leading period is retained. secure – when set to “1”, ensures that the cookie will only be sent back to the server when a secure HTTP connection has been established. httponly – when set to “1”, the cookie will only be accessible through HTTP Requests but inaccessible via JavaScript (to prevent XSS attacks). This feature is only recognised by MS Internet Explorer 6 Service Pack 1 and later. A typical cookie element looks like this: Set-Cookie: user_addr=ppp1.dialin.iupui.edu; expires=Wednesday, 09-Nov-99 00:00:00 GMT; path=/cgi-bin/; domain=.oakton.edu; secure= Inside the HTTP_COOKIE environment variable, cookies are delimited by a semi-colon and a space. The cookie fields are separated by commas, and the name-value pairs are separated by equal signs. In order to use cookies, you need to parse the HTTP_COOKIE variable at three different levels
Notes on exercise142.pl
- Note alternative OOP syntax to above : print header(-cookie=>$cookie1);
- Note the flexibility of being able to create your own header manually, versus calling builtin CGI.pm functions like print header;
- fetch returns an associative array consisting of all cookies returned by the browser. The keys of the array are the cookie names. You can iterate through the cookies this way: %cookies = fetch CGI::Cookie; foreach (keys %cookies) { do_something($cookies{$_}); } The following examples show other method calls for creating and retrieving cookies.
Setting Cookies
Exercise143.pl: use CGI qw(:standard); use CGI::Carp qw(warningsToBrowser fatalsToBrowser); use strict; my $cid = int(rand( 1000000 )); my $cookie = cookie(-name=>'mycookie', - value=>$cid, - domain=>'.oakton.edu'); print header(-cookie=>$cookie); print start_html("Cookie"); print <<EndOfHTML; Welcome!
Your cookie is $cid. EndOfHTML print end_html;
Getting Cookies
Exercise144.pl: #!/usr/bin/perl -wT use CGI qw(:standard); use CGI::Carp qw(warningsToBrowser fatalsToBrowser); use strict; print header(); print start_html("Cookie"); print h2("Welcome!"); if (my $cookie = cookie('mycookie')) { print "Your cookie is $cookie.
"; } else { print "You don't have a cookie named `mycookie'.
"; } print end_html;
Non-CGI.pm Cookie Example:
The following example both sets and read cookies. First, it will create four cookies and then it will read those cookies from the HTTP_COOKIE environment variable. Inside the HTTP_COOKIE environment variable, the cookies are delimited by a semi-colon and a space. This program shows that the web server stores a copy of any cookies that you set into the HTTP_COOKIE environment variable. It only performs one level of parsing. Cookie fields are separated by commas, name- value pairs are separated by equal signs. In order to use cookies, you need to parse the HTTP_COOKIE variable at three different levels. A really useful getCookies() function would split the cookie on the comma character and then again on the equals character. Exercise145.pl use strict; use CGI::Carp qw(warningsToBrowser fatalsToBrowser); sub setCookie {
my($name, $val, $exp, $path, $dom, $secure) = @_;
my($name, $val, $exp) = @_; print("Set-Cookie: "); print("$name=$val, expires=$exp");
print(", $secure") if defined($secure);
print("\n"); } sub getCookies { my(%cookies); foreach (split (/; /,$ENV{'HTTP_COOKIE'})){ my($key) = split(/=/, $); $cookies{$key} = substr($, index($_, "=")+1); } return(%cookies); } my($expDate) = "Wednesday, 26-Nov-08 00:00:00 GMT";
my($theDomain) = ".oakton.edu";
my($path) = "/students/www181/ekaufmann/";
setCookie("user", "btaylor", $expDate); setCookie("user_addr", $ENV{'REMOTE_HOST'}, $expDate) if defined($ENV{'REMOTE_HOST'}); setCookie("flag", "black", $expDate); setCookie("car", "chevy:tracker:2001:ZR2:black", $expDate); my(%cookies) = getCookies(); print("Content-type: text/html\n\n"); print(""); print("
The Cookie Display"); print(""); print("
Cookies
"); print("
"); foreach (sort(keys(%cookies))) { print("| $ | $cookies{$} |
"); } print("
"); print(""); print("");
