forked from erlyaws/yaws
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathcookies.yaws
74 lines (56 loc) · 2.3 KB
/
cookies.yaws
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
<erl>
out(A) ->
{ssi, "TAB.inc", "%%",[{"cookies", "choosen"}]}.
</erl>
<div id="entry">
<h1>Yaws and Cookies</h1>
<p>
Cookies are the means in HTTP to assign data to a session. A HTTP session
typically consists of many (and sometimes concurrent) TCP connections from the
client to the web server. The first time a client arrives to our webserver, we
issue the HTTP header <tt>Set-Cookie: var=someval</tt>. The browser will then in
subsequent connections to the same server pass this cookie "var=someval" in its
client side <tt>Cookie: var=someval</tt> header. We can thereby assign state to a
session, either through data actualy encoded into the cookie value itself, or by
associating server side session data to the cookie.</p>
<p>
Let's do an example where we set a simple cookie, and create a specific erlang process
which is then responsible for that session.
The cookie value will be a string encoding of the pid handling the session.
</p>
<p>
The yaws code in
<a href="setcookie.yaws">setcookie.yaws</a> sets the cookie in the browser. Note that
the call to <code>yaws_api:set_cookie/3</code> in the example returns a header setting
(like <code>{header, HeaderNameAndValue}</code>) from the <code>out/1</code> function,
which directs Yaws to set the specified header in the response to the browser.
</p>
<p>And the yaws code in <a href="readcookie.yaws">readcookie.yaws</a>
will read the cookie
and report some uninteresting session data.
</p>
<p>
A correct definition of cookies can be found in
<a href="http://tools.ietf.org/html/rfc6265">RFC 6265</a></p>
<h2>Set Cookie</h2>
<p>The code to set the cookie looks like:</p>
<erl>
out(A) ->
{ok, B} = file:read_file(A#arg.docroot ++ "/setcookie.yaws"),
{ehtml,
{'div', [{class, "box"}],
{pre,[], B}}}.
</erl>
<p>This is the page that set the cookie in the browser.
<a href="readcookie.yaws">readcookie.yaws</a> will
read the cookie and report persistent information as
long as the browser session exists.
<p> it will set the cookie
<tt>foobar = <x,y,z>; </tt> where the
x,y,z string is the textual representation of an
actual erlang pid which will be responsible for
this session.
</div>
<erl>
out(A) -> {ssi, "END2",[],[]}.
</erl>