Results 1 to 9 of 9
  1. #1
    Join Date
    Oct 2002
    Location
    /roof/ledge
    Posts
    28,088

    Cookies and HTML

    I have a script that generates a meta tag to set a cookie and remember the cart for the user. Chrome (and possibly FF in the near future) has decided that this practice isn't secure and quietly fails the script with this in the console:
    Code:
    [Deprecation] Setting cookies via `<meta http-equiv='Set-Cookie' ...>` no longer works, as of M65. Consider switching to  `document.cookie = ...`, or to `Set-Cookie` HTTP headers instead.
    Should be a simple matter of looking up how to do "Set-Cookie" to replace the meta method, but there doesn't seem to be a single example of how it's done. Assuming it's done through the document head (not PHP or Javascript) and can directly replace the "meta" method, anyone know where I can find an example?
    Your one stop shop for decentralization

  2. #2
    Join Date
    Apr 2018
    Location
    Passau, Germany
    Posts
    33
    Quote Originally Posted by bear View Post
    [...] Assuming it's done through the document head (not PHP or Javascript) and can directly replace the "meta" method, anyone know where I can find an example?
    What exactly do you mean? If you can modify the headers sent by the page you could set a cookie in such way:

    Code:
    Cookie: COOKIE_NO_1=Apple; COOKIE_NO_2=Banana;

  3. #3
    Join Date
    Sep 2017
    Location
    Lithuania
    Posts
    85
    If you don't want to use PHP/HTTP headers to create cookies, you can easily replicate meta tag by using JS - https://www.w3schools.com/js/js_cookies.asp
    Do you license and update your PHP scripts?

  4. #4
    Join Date
    Oct 2002
    Location
    /roof/ledge
    Posts
    28,088
    Quote Originally Posted by phpmillion View Post
    you can easily replicate meta tag by using JS -
    Thanks, but...
    Quote Originally Posted by bear View Post
    done through the document head (not PHP or Javascript) and can directly replace the "meta" method
    The question is "how to do "Set-Cookie" to replace the meta method" in the document, but not using JS (assuming that's even possible).
    Your one stop shop for decentralization

  5. #5
    Join Date
    Sep 2017
    Location
    Lithuania
    Posts
    85
    My bad, misunderstood your question. OK< so you don't want to use JS. And you don't want to use PHP, right?
    Do you license and update your PHP scripts?

  6. #6
    Join Date
    Mar 2014
    Location
    United States
    Posts
    206
    From what I'm looking at, set-cookie can only be set via http-headers, which means it needs to be set before the HTML page loads. My guess is http-equiv was dissabled to stop people from being able to use XSS to set a cookie. There are 2 basic options.

    1) use PHP or PERL or something to do set.cookie and modify the HTML header.
    2) use Javascript document.cookie (should be only 2 or so lines of code if that) to set the cookie.

    3) A purely hypothetical third option... Use .htaccess and mod_rewrite to manipulate cookie content? - https://www.askapache.com/htaccess/h...h/#modrewrite2

    -REPlummer
    Quick and Easy Servers - QnEZ - 732-907-9030 - replummer@qnez.net
    DirectAdmin based hosting solutions and Cloud VPS - Registered Softaculous NOC

  7. #7
    Join Date
    Apr 2018
    Location
    Passau, Germany
    Posts
    33
    You should be able to set headers over the webserver engine.

    In Apache something like that should work:

    Code:
    Header set Set-Cookie "cookie_name=Foobar; path=/; Secure; HttpOnly;"
    Or

    Code:
    Header append Set-Cookie "cookie_name=Foobar; path=/; Secure; HttpOnly;"

  8. #8
    Join Date
    Oct 2002
    Location
    /roof/ledge
    Posts
    28,088
    Quote Originally Posted by phpmillion View Post
    My bad, misunderstood your question. OK< so you don't want to use JS. And you don't want to use PHP, right?
    Correct.
    Quote Originally Posted by JanglewoodLLC View Post
    1) use PHP or PERL or something to do set.cookie and modify the HTML header.
    As this involves PERL shopping cart, that would be what I need. As it is now that cart prints the META to the pages, so a method that I could use to replace that would be ideal. I'm not very good with PERL. Here's one of several lines in the script:
    Code:
              if(($cf{'use_cookies'} eq "yes")&&($line =~ /<\/head>/i)){                
    my($metaCookie) = "<META HTTP-EQUIV=\"Set-Cookie\" Content=\"cart_id=$cart_id; path=\/;\">\n";
                    $metaCookie .= "</head>";
                    $line =~ s/<\/head>/$metaCookie/ig;
              }
    Appears to be looking for the head of the doc, and inserts that value into the page, with $cart_id the var defined right above this.
    Your one stop shop for decentralization

  9. #9
    Join Date
    Apr 2018
    Location
    Passau, Germany
    Posts
    33
    Must be years since I used Perl the last time but could you try replacing the code with this code?

    Code:
    if(($cf{'use_cookies'} eq "yes")&&($line =~ /<\/head>/i)) {
    	#my($metaCookie) = "<META HTTP-EQUIV=\"Set-Cookie\" Content=\"cart_id=$cart_id; path=\/;\">\n";
    	#$metaCookie .= "</head>";
    	#$line =~ s/<\/head>/$metaCookie/ig;
    	
    	new CGI::Cookie(-name=>'cart_id',-value=>$cart_id);
    }
    On the beginning of the Perl file you would need to import the module so just append:

    Code:
    use CGI::Cookie;

Similar Threads

  1. Need two basic PSD files sliced and HTML'ized
    By lotuslnd in forum Employment / Job Offers
    Replies: 11
    Last Post: 02-07-2003, 01:00 PM
  2. Cookies and View New Posts
    By NxTek in forum Web Hosting Lounge
    Replies: 0
    Last Post: 02-02-2003, 11:45 AM
  3. How can I make .htm and .html files as server parsed, through CPanel?
    By shamrock in forum Hosting Software and Control Panels
    Replies: 2
    Last Post: 10-05-2002, 09:34 AM
  4. cookies and click through search engines
    By tuvok in forum Hosting Security and Technology
    Replies: 1
    Last Post: 05-30-2002, 04:23 PM
  5. Image and Html Color
    By MikeM in forum Hosting Software and Control Panels
    Replies: 4
    Last Post: 06-28-2001, 02:37 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •