[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kde-core-devel
Subject:    Re: cookies or redirection?
From:       Lars Knoll <Lars.Knoll () mpi-hd ! mpg ! de>
Date:       2000-04-12 10:40:46
[Download RAW message or body]

On Wed, 12 Apr 2000, David Faure wrote:

> On Wed, Apr 12, 2000 at 12:05:32PM +0200, Lars Knoll wrote:
> > On Tue, 11 Apr 2000, Waldo Bastian wrote:
> > 
> > > On Tue, 11 Apr 2000, Lotzi Boloni wrote:
> > > > > I'll admit that I read slashdot and even have an account with it.. and
> > > > > would like to use konqueror to do so.  However, there are a number of
> > > > > problems (most of which I've sent to lars in a private email).
> > > > >
> > > > > There is one that I don't understand nor know who is working on that
> > > > > area.
> > > > >
> > > > > When you use accounts, slashdot uses cookies to log you in and it also
> > > > > uses the 'index.pl' page.  With Netscape, if you go to
> > > > > http://slashdot.org AND you have the slashdot cookie, you are
> > > > > automatically redirected to index.pl.  This is *not* the case with
> > > > > konqueror.  If you have the cookie and go to http://slashdot.org, then
> > > > > nothing happens.
> > > > >
> > > > > Any clue what's going on or who is the expert in this realm?
> > > >
> > > >   The same problem is happening with my excite account. I had some idea
> > > > that it is maybe a user-agent problem, because all the other functionality
> > > > is aparently there.
> > > >
> > > >   It would be nice if we could use konqi on these sites.
> > > 
> > > slashdot works for me now. Please update, compile& install kcookiejar 
> > > (kdelibs/kio/http/kcookiejar). 
> > > 
> > > restart with:
> > > 	kcookiejar --shutdown;kcookiejar
> > > 
> > > And let me know if you still have problems.
> > 
> > Works fine. I'd have one more idea for the cookiejar, but I have no
> > idea how to implement it ;-)
> > 
> > I'd like kcookiejar to ignore all cookies not coming from the same domain
> > as the main html page I'm looking at. This would stop all cookies
> > associated with banner ads.
> 
> I guess this would break things like linuxtoday.com, which redirects
> you to an IP number address, if the cookies still contain "linuxtoday.com".
> (Hmm, can't remember if there are cookies there, but you get the idea.
> Difficult to be sure the domain name will match exactly, no ?)

It shouldn't. Cookies are anyway bound to one host. So the ip number you
get redirected to won't get to see the cooky anyway. But disabling
cookies for images not served from the same server as the main page
would make it impossible for hosts like ads.doubleclick.net to collect
informations about users surf habits.

Anyway, I have one more thing about kcookiejar (maybe that's fixed
now...). It seems to ignore the "reject/accept all cookies from this
domain" setting sometimes. I click on that for the first cookie, and still
get more dialog boxes about cookies from the same host.

Another thing I noticed are password protected sites. kio_http requires me
to type in the password for every image I get from that site, instead of
remembering it for a while. We should try to find a solution, so that the
password stays in memory until the user leaves that site again.

I even get the password dialog, when I use a 
http://user:password@host/page.html
form for the url...

Cheers,
Lars

[prev in list] [next in list] [prev in thread] [next in thread]