[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: HTTPAPI to SSL Website
Hi Jon,
> The site does appear to be using cookies - it appears to (try) store
> a "JSESSIONID" cookie in a directory called /CFLC. I don't see this
> in /tmp, nor do I see it anywhere on my local PC when I connect to
> the site via Firefox. I'm also explicitly turning cookies *ON, BTW.
The "path" presented in the cookie is not related to a directory in your
IFS. Instead, it's related to the URL that you send/receive from their
web server.
In other words, your jsessionid cookie should ONLY be sent to their web
server if the URL starts with "http[s]://servername/cflc". If that
/cflc isn't there after the server name, the cookie should not be sent
to them.
> Can you point me in the direction of a "cheat-sheet" that would
> describe the pieces needed (and the order that they need to be used)
> for HTTPAPI? That would REALLY be handy.
I'm not really sure what you're asking for.
> I have absolutely no idea if I'm connecting to the same server or not
> on alternate requests - is there a way to determine this?
I'd suggest eliminating the calls to the persist functions. Just call
http_url_get() and http_url_post() (or their "raw" variants). Then it
doesn't matter.
All the persist functions do is provide a means of maintaining the
connection between calls to improve performance. In other words, if I
want to do the following requests:
http://www.scottklement.com/test.php?id=1001
http://www.scottklement.com/test.php?id=1002
http://www.scottklement.com/test.php?id=1003
All of the requests are to the same server (www.scottklement.com) so
it's silly to connect, send the first request, disconnect, then connect
again, send request2, disconnect, etc. Sure, connecting/disconnecting
with each request will still work, but the connection process takes
time, so it'll hurt performance.
If, instead, I connect, send request1, send request2, send request3,
disconnect it'd be much faster. That's what the "persist" routines do,
they let you connect to the server once, issue several requests, and
then disconnect.
The burning issue, however, is that all requests have to go to the same
server. If the requests are for multiple servers, the
disconnect/reconnect is manditory since you need to talk to a completely
different machine.
> I've included a "cut down" version of the debug file here, removing
> certificate information, most of the HTML, etc.
That's fine.
What I notice in your debug file is that the cookie name is uppercase
when it's sent to you, and lowercase when it's sent back to the server.
I wonder if that matters? I'll have to do some research...
-----------------------------------------------------------------------
This is the FTPAPI mailing list. To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------