imran shaik wrote:
> Daniel,
>
> I put up the following situation to you . I have posted the cookies below.
> I see that the session is set twice. Once it is set normally, as you see
> in the first cookie, In the next cookie it is set to null.
>
> In the first cookie, I see the Date format to be ok. If curl's date
> parser had failed, then why do I get the second cookie at all? Also, in
> the cookies from the same site , is there any possibility that I get
> cookies of different formats?
>
> Or Is this the curl related problem?
>
> thanks,
> Imran

I hope the other Daniel understands what you wrote, because I don't :)

That said, the null/1970 trick looks like a deletion request. The cookie
system makes no provision to delete a cookie via HTTP, so setting an
expiry date in the past is the way to delete the cookie.

The server is not setting any value, it's removing both cookies from
your system. Why, I have no idea. But here's one example: my ISP proxies
me on port 80, so port 80 (HTTP) and port 135(?) (HTTPS) come in from
different IPs.

If I log into SourceForge via SSL, it sets up my cookie-based session
relative to that IP. The next non-SSL access comes in on my ISP's proxy
IP, so SourceForge detects a "hack" and immediately deletes all my SF
cookies (expires them all and sets them all equal to "deleted").

In your case, it could be anything -- short-lived cookies, an IP-related
problem, anything, but it looks like deletion to me.
Received on 2007-01-12