((( [logo]Racket )))Need Help?
AboutDownloadDocumentationPLaneTCommunityLearning

[racket] Cookie Indigestion

From: J G Cho (gcho at fundingmatters.com)
Date: Thu May 19 00:16:35 EDT 2011		 
Ha! All the error messages did seemed to end in blahblah=.

(I am going to blame the cold I am recovering from for making me think
that somehow {key:val} was used. Either that or I've been using too
much JSON and forgot some things predate JSON like cookies and s-exp.)

I have a question about the substring logic. It does not seem to look
for = or \n but chops off the last 3. Am I to infer that that is the
case for all the outcome of (bytes->string/utf-8 (base64-encode
(HMAC-SHA1 ....?

And thank you for your keen diagnosis as usual. And for the code as
well. (Note to self: So that's what professional code looks like? I
got a long way to go.)

jGc

On Wed, May 18, 2011 at 1:57 PM, Jay McCarthy <jay.mccarthy at gmail.com> wrote:
> That's exactly the problem.
>
> Here's a fairly re-usable identifying cookie:
>
> https://github.com/jeapostrophe/m8b/blob/master/id-cookie.rkt
>
> Notice at the top I just get the substring of the BASE64.
>
> Jay
>
> 2011/5/18 Neil Van Dyke <neil at neilvandyke.org>:
>> J G Cho wrote at 05/18/2011 04:23 AM:
>>>
>>> (define (make-digest s1 s2)
>>>  (bytes->string/utf-8
>>>  (base64-encode
>>>   (HMAC-SHA1 (string->bytes/utf-8 s1)
>>>              (string->bytes/utf-8 s2)))))
>>>
>>> I then use it to make a cookie like:
>>>
>>>  (define digest
>>>    (make-digest "saltycracker" (string-append "time" time "id" "joseph")))
>>>
>>>  (define digest-cookie
>>>    (make-cookie "digest" digest))
>>>
>>> Writing it out seems to go okay but when I try to read it back, I am
>>> greeted with:
>>>
>>> lexer: No match found in input starting with:
>>> "WFs1fa0jLTOXqiLG08EtBq1wNYI=
>>>
>>
>> Is the problem that the BASE64 output contains "=" and newline characters,
>> and that's getting into the HTTP header verbatim?
>>
>> If that's the problem, then probably you want to trim the "=" and newline
>> characters from the string.  (You could re-encode, but that would be
>> redundant, since the purpose of BASE64 is to encode bytes safely for
>> transport.)
>>
>> --
>> http://www.neilvandyke.org/
>> _________________________________________________
>>  For list-related administrative tasks:
>>  http://lists.racket-lang.org/listinfo/users
>>
>
>
>
> --
> Jay McCarthy <jay at cs.byu.edu>
> Assistant Professor / Brigham Young University
> http://faculty.cs.byu.edu/~jay
>
> "The glory of God is Intelligence" - D&C 93
>
Posted on the users mailing list.