RTC Forums
November 23, 2024, 05:19:39 PM *
Welcome, Guest. Please login or register.

Login with username, password and session length
 
   Home   Help Login Register  
Pages: [1]
  Print  
Author Topic: cookies in a single header rather than sending multiple headers in PHP server  (Read 8814 times)
Ecole7
RTC Expired
*
Posts: 23


« on: January 23, 2018, 11:54:44 AM »

Hello,
  I encounter the following problem with the TRtcDataRouter component:
  My application must forward HTTP requests to a PHP server.
  Everything is OK, except that cookies sent from the Delphi application are not read by the PHP server.
  I analyzed the headers and I found that each cookie is a line.

GET /cookie.php HTTP/1.1
Host: localhost:81
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.86 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate, br
Accept-Language: fr-FR,fr;q=0.8,en-US;q=0.6,en;q=0.4
CONTENT-LENGTH: 0
COOKIE: _SID=43123.4501751
COOKIE: user=John+Doe


  It seems that the PHP server does not support this format ...
  I am using PHP 5.4.13 (CLI)

thank you in advance for your help
Vincent
Logged
D.Tkalcec (RTC)
Administrator
*****
Posts: 1881


« Reply #1 on: January 23, 2018, 03:35:55 PM »

Please, download RTC SDK v9.16 (just released) and let me know if this fixes your problems with request cookies sent to a Server using PHP. This update changes the way Requests containing multiple Cookies are sent. Instead of sending each Cookie as a separate "COOKIE" header (as before), all Cookies from the same HTTP Request are now sent in a single "COOKIE" header, where each "name=value" pair is separated by a semicolon and a space (" ;"). That is conform with the HTTP RFC, so it should work with all HTTP Servers.

Best Regards,
Danijel Tkalcec
Logged
Ecole7
RTC Expired
*
Posts: 23


« Reply #2 on: January 23, 2018, 04:08:30 PM »

Thanks for the quick response and the modification, I am impressed.

The header format is changed, but the problem still exists, it is really a headache.

Comparing the headers, the only difference I see now, is the field name 'cookie' which is written 'COOKIE' when it does not work and 'Cookie' when it works.

OK :
GET /cookie.php HTTP/1.1
Host: localhost:81
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.86 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate, br
Accept-Language: fr-FR,fr;q=0.8,en-US;q=0.6,en;q=0.4
Cookie: _SID=43123.4501751; user=John+Doe

NO OK :
GET /cookie.php HTTP/1.1
Host: localhost:81
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.86 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate, br
Accept-Language: fr-FR,fr;q=0.8,en-US;q=0.6,en;q=0.4
COOKIE: _SID=43123.4501751; user=John+Doe
Logged
D.Tkalcec (RTC)
Administrator
*****
Posts: 1881


« Reply #3 on: January 23, 2018, 04:18:58 PM »

If that is the problem now, then you should contact the people working on "PHP" (or whoever wrote the script in PHP which you are using) to fix their code, because names in HTTP/1.x headers are case-insensitive (see RFC 7230, Section 3.2):
https://tools.ietf.org/html/rfc7230#section-3.2

IOW, "COOKIE" should be treated the same as "Cookie" or "cookie" or any other combination of that word, using either lower-case or UPPER-CASE letters.

PS. There is a similar question on Stackoverflow, with a more detailed reply:
https://stackoverflow.com/questions/5258977/are-http-headers-case-sensitive

Best Regards,
Danijel Tkalcec
Logged
Ecole7
RTC Expired
*
Posts: 23


« Reply #4 on: January 23, 2018, 04:34:35 PM »

Hallelujah, it works !

You have also planned a solution for this problem.

In rtcInfo.pas :
  // Header Name used to send Cookies inside HTTP Requests
  RTC_REQUEST_COOKIE_NAME:RtcString='COOKIE';

Once again, you are doing a very great job.

Vincent
Logged
D.Tkalcec (RTC)
Administrator
*****
Posts: 1881


« Reply #5 on: January 23, 2018, 04:39:27 PM »

Changing that variable to mixed-case is going to cause you problems elsewhere, because the rest of the unit expects that global variable to be in UPPERCASE (it is used in several checks across the unit). I'm going to check now what else needs to be changed to make it working, without breaking some other things.

Best Regards,
Danijel Tkalcec
Logged
D.Tkalcec (RTC)
Administrator
*****
Posts: 1881


« Reply #6 on: January 23, 2018, 07:22:20 PM »

Please, download RTC SDK v9.17 (just released) and let me know if this works for you, without making any changes to RTC variables in your code.  In this update, I've changed all properties on "TRtcRequest" and "TRtcResponse" classes used for preparing HTTP Headers to send Header names in a "Mixed-Case" format instead of "UPPERCASE". Since that is the format used by most popular Web Browsers, it should work with the widest range of 3rd-party Servers and Web Applications. And ... it should fix your problems with PHP - where a 'COOKIE' header is NOT recognized, but using 'Cookie' works just fine.
  
Best Regards,
Danijel Tkalcec
Logged
Ecole7
RTC Expired
*
Posts: 23


« Reply #7 on: January 24, 2018, 12:20:22 PM »

Hello,
  Everything is OK with version 9.17, without any modification.

  Regarding my application, the goal is to run PHP scripts with an HTTP RTC server without using Apache.
  So I use the PHP CLI server as a service and I get a quick and lightweight solution.
  But is this the right solution ?
  Were there other possibilities?

  Thank you for the flawless service.
Logged
D.Tkalcec (RTC)
Administrator
*****
Posts: 1881


« Reply #8 on: January 24, 2018, 01:16:02 PM »

Thank you for your feedback.

I'm the wrong person to ask for advice about PHP, but ... (A) I think it is a good idea to get a clear separation between your code and any 3rd-party code or Scripts you use (which you did by using a separate Server for PHP), and ... (B) "TRtcDataRouter" and "TRtcLoadBalancer" components are ideal for routing traffic between Servers (which you also did), so ... if you are asking me, your solution sounds pretty good Cool

Best Regards,
Danijel Tkalcec
Logged
Ecole7
RTC Expired
*
Posts: 23


« Reply #9 on: January 25, 2018, 11:38:58 AM »

Thank you for your answer.

I now want to implement SSL for this development.

- Is it possible to use Open StreamSec Tools 2.1.x with your recent RTC components?
- Will encryption also be active for php scripts running through a DataRouter component?

Thank you in advance for your help
Logged
D.Tkalcec (RTC)
Administrator
*****
Posts: 1881


« Reply #10 on: January 25, 2018, 12:54:03 PM »

Please, contact StreamSec if you have any questions about their components.

As for the RTC SDK, the "TRtcDataRouter" component uses a "TRtcHttpServer" component (whichever you've assigned it to) for incoming connections from Clients and "TRtcHttpClient" components for outgoing connections to the Server where requests are being routed. If you add SSL encryption to your "TRtcHttServer" component used by your "TRtcDataRouter", all communication between Clients and your "TRtcDataRouter" will be encrypted.

Best Regards,
Danijel Tkalcec
Logged
Ecole7
RTC Expired
*
Posts: 23


« Reply #11 on: January 25, 2018, 03:08:37 PM »

Thank you for your reply,
  The "Open StreamSec Tools 2.1.x" library is opensource is no longer maintained by StreamSec.
  To be more specific I would just like to know which version of StreamSec products compatible with RTC that I have to use.
  thank you in advance for your response
Vincent
Logged
D.Tkalcec (RTC)
Administrator
*****
Posts: 1881


« Reply #12 on: January 25, 2018, 03:29:20 PM »

As already said, please contact StreamSec with any questions you have about their components.

Best Regards,
Danijel Tkalcec
Logged
Pages: [1]
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.21 | SMF © 2015, Simple Machines Valid XHTML 1.0! Valid CSS!
Page created in 0.029 seconds with 17 queries.