lynx-dev
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: lynx-dev Cookies and command line operation


From: Leonid Pauzner
Subject: Re: lynx-dev Cookies and command line operation
Date: Wed, 3 Nov 1999 22:26:13 +0300 (MSK)

30-Oct-99 11:50 Klaus Weide wrote:
> On Sat, 30 Oct 1999, Leonid Pauzner wrote:
>> 29-Oct-99 20:48 Klaus Weide wrote:
>>
>> > So here's a somewhat different idea: A 'save_cookies' flag that
>> > tells lynx whther to *write* cookies to file or not.
>> > In interactive mode, default is
>> >  - ON if persistent cookies are enabled
>> >  - OFF if persistent cookies are disabled
>> > In noninteractive mode, default is
>> >  - OFF
>>
>> I think this is a very useful approach: always *read* cookies_file
>> (when cookies are ON),

> When (1) cookies are ON, or (2) when PERSISTENT_COOKIES are ON, or
> (3) when cookies are ON *and* PERSISTENT_COOKIES are ON?

> My idea was (2).

> Actually there isn't currently really one "cookies are ON/OFF"
> setting.  There is SET_COOKIES which controls receiving (accepting)
> of cookies in general, it doesn't affect the sending side of cookie
> precoessing directly (you may still be sending cookies if SET_COOKIES:
> FALSE but PERSISTENT_COOKIES:TRUE, see comments to SET_COOKIE in recent
> lynx.cfg).  Inconsistently, -cookies is the command line option that
> corresponds to SET_COOKIE, but -cookies=off still doesn't turn all
> cookie processing off, only the receiving-of-Set-Cookie side.

> (I'd appreciate if someone would check whether that's actually all
> true and not just my understanding...)

Hmm, interesting, I haven't thought on that.

There is a hole: HTTP.c uses LYSetCookies (aka -cookies flag or SET_COOKIES
from lynx.cfg) value while processing the received cookie from the remote
server; it is NOT checked while sending http request [see LYCookie() calls
near the top of HTTP.c].

There was no problem before when LYSetCookies were set once per lynx session
so cookies jar was always empty when the receiving of cookies were blocked.

Now, with modern persistent cookies, reloading lynx.cfg and
switching on/off cookies from the options menu
it is not consitent any more [we *send* cookie headers
in more situations than we probably want]. This may affect privacy
and caches somehow. The topic is: SET_COOKIES and PERSISTENT_COOKIES
are not mutually exclusive, there is an overload which is not intuitive.
>From the other hand, PERSISTENT_COOKIES flag is not available from
the options menu nor command line option.

That is discussible (if there is an auditorium:) -
many combinations possible:
1) add LYSetCookies check on the sending part of HTTP.c
2) add a new flag to allow writing of persistent cookies to a file
3) ...
4) ...

Any ideas?




reply via email to

[Prev in Thread] Current Thread [Next in Thread]