Web Servers on Unix and Linux - Apache/2.0.54 mod_usertrack cookies type

This is Interesting: Free IT Magazines  
Home > Archive > Web Servers on Unix and Linux > November 2005 > Apache/2.0.54 mod_usertrack cookies type





You are viewing an archived Text-only version of the thread. To view this thread in it's original format and/or if you want to reply to this thread please [click here]

Author Apache/2.0.54 mod_usertrack cookies type
rafamiga

2005-11-16, 7:51 am

Well, I have a problem with mod_usertrack. Generally it works. The logs
are cool and I can track user's activity, clickstreams, all this
marketing stuff. But of course, some IE problems kick in.

Let's say I have a virtualhost set under foo.bar domain. My setup is:

CookieTracking on
CookieStyle Cookie
CookieExpires "2 weeks"
CookieDomain .foo.bar
CustomLog /var/log/apache2/cookie-track.log "%{cookie}n %h %l %u %t
\"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\""
CookieName FOO_BAR

OK. The users are being tracked and there are no problems. But it
tracks only user's sessions. The cookie is not persistent when the
client uses a typical IE6 environment -- one with default cookie
settings. And my goal is to track the clients itself, not only their
sessions.

The responses I get from Apache are like this:

HTTP/1.1 200 OK
Date: Wed, 16 Nov 2005 10:03:01 GMT
Server: Apache/2.0.54
Set-Cookie: FOO_BAR=123.45.67.89.1132135381683768; path=/;
max-age=1209600
Set-Cookie: FOOBARSess=5ff49d16c1208a67abb09fac15aba
e70; path=/;
domain=.foo.bar
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 3329
Connection: close

The PHP's session is a temporary cookie because it does not have any
expiration on it and it dies as client closes the browser. That's cool
and we all need this. My cookie has a "max-age=" properity which,
theoretically, should make this cookie persistent. It does -- when
client uses Mozilla/FF. On IE it's as temporary as the php session's
cookie. Here's another example:

HTTP/1.1 200 OK
Date: Wed, 16 Nov 2005 10:06:25 GMT
Server: Apache/2.0.54
Set-Cookie: FOO_BAR=123.45.67.78.1132135585427411; path=/;
max-age=1209600
Cache-Control: no-cache
Pragma: no-cache
Set-Cookie: FOOBARjs=123.45.67.89-1132135585-420639; expires=Tue, 12
Aug 2008 10:06:25 GMT; path=/; domain=.foo.bar
Content-Length: 35
Connection: close
Content-Type: image/gif

These are headers when a client request 1-px transparent gif used by
an DYI tracking php script. Now, surprise surprise, IE treats FOOBARjs
cookie as persistent cookie. It DOES get written to disk and shows up
after client re-opens the browser.

So what's the problem with Apache's cookie? Generally it does not
matter when domain=.foo.bar is present in header or not. The only
difference is that DYI cookie [and generally php cookies] have
"expires=" properity and Apache's have "max-age=" which, in theory,
should be treated equally.

Mozilla's behaviour is proper -- it does store both cookies. Default
IE6 installations do not.

Apache cannot be set to make mod_usertrack use "expires=" cookie
syntax, only "max-age=" syntax is supported. Is this the reason for IE
failing to accept Apache's cookie for two weeks [1209600 seconds]?

Advice is most welcome.

--
rafamiga

Sponsored Links






Free braindumps | Software forum | Database administration forum

Copyright 2003 - 2008 webservertalk.com