Java Applet in Mac FireFox sets multiple DIFFERENT cookies
I've been fighting with this one for a couple days. I'm getting two
(different) cookie headers being set.
Quick Background:
- Using a TurboGears web application.
- Embedding an Applet to assist in file uploads (JUpload).
- Applet uploads the files and sends the data to a secure URL.
- A session ID preserves the user's login information so they don't
get a 403 or have to login again.
- Works totally fine in everything EXCEPT FireFox on a Mac (Safari
works fine, as well as FireFox in Windows)
Using Ethereal to look at the HTTP header, there are two "Cookies"
values being set. The one that I set, and some other random one which
I have NO idea where it is coming from. As follows:
POST /import/upload HTTP/1.1
Cookies: tg-visit=2k842fgj237dfkvh232c32hdh3832
Content-length: 123541
<blah blah blah other headers>
Cookies: tg-visit=743jk82hfg94520fng62j8233jfg826
The first tg-visit value (the session id) is correct. The second one
which is the last header being set, is some other id being set. In
Safari the tg-visit value is the same on both lines and it works fine.
Other browsers properly only sets a single line. Firefox on a Mac
gives me two different values, and I have NO idea why.
Code to follow:
<APPLET CODE="foo.bar.myApplet" ARCHIVE="/static/myApplet.jar"
WIDTH="450" HEIGHT="320">');
<PARAM name="type" value="application/x-java-applet;version=1.4" /
');
<PARAM name="scriptable" value="true" />
<PARAM name="postURL" value="${postUrl}" />
<PARAM name="redirectURL" value="${redirectUrl}" />
<PARAM name="tgVisitValue" value="tg-visit=${tgVisitValue}" />
</APPLET>
I have also tried to use the MAYSCRIPT attribute, but that doesn't
really help.
Using TurboGears which fills in the ${tgVisitValue} properly (which
works fine).
myApplet.java
this.mycookies = this.getParameter("tgVisitValue",
DEFAULT_COOKIE_STRING);
if (this.mycookies == DEFAULT_COOKIE_STRING) {
try
{
JSObject window = JSObject.getWindow(this );
JSObject document =
(JSObject)window.getMember( "document" );
String cookies =
(String)window.eval("self.document.cookie");
if (cookies.equals("undefined")) // we're IE
cookies = (String)document.getMember("cookie");
// NAOMI
// get all the unexpired cookies
// this.mycookies = (String) document.getMember( "cookie" );
}
catch ( Exception e )
{
this.mycookies = "nocookie=0";
}
}
This grabs the cookie value properly, so I don't think there are any
problems there. The code that does all the HTTP magic is here:
try{
String boundary = "-----------------------------" +
getRandomString();
url = new URL(uploadURL);
// Setting up the connection for upload.
urlConn = url.openConnection();
urlConn.setRequestProperty("Cookie", this.mycookies);
urlConn.setDoInput (true);
urlConn.setDoOutput (true);
urlConn.setUseCaches (false);
urlConn.setRequestProperty("Content-length", ""+totalFilesLength);
urlConn.setRequestProperty("Content-Type",
"multipart/form-data; boundary=" +
boundary.substring(2,
boundary.length()));
String CRLF = "\r\n";
urlConn.connect();
// Retrieve OutputStream For upload (Post).
dOut = new DataOutputStream(urlConn.getOutputStream());
// Actual Uploading part.
StringBuffer sb;
File f;
uploadedLength = 0;
for(int i=0; i < aTotalFiles.length && !stop; i++){
f = aTotalFiles[i];
sb = new StringBuffer();
// Line 1.
sb.append(boundary);sb.append(CRLF);
// Line 2.
sb.append("Content-Disposition: form-data; name=
\"File");sb.append(i);
sb.append("\"; filename=\"");sb.append(f.toString());
sb.append("\"");sb.append(CRLF);
// Line 3 & Empty Line 4.
sb.append("Content-Type: application/octet-stream");
sb.append("Content-Length: " + f.length());
sb.append(CRLF);sb.append(CRLF);
dOut.writeBytes(sb.toString());
uploadFileStream(f,dOut);
dOut.writeBytes(CRLF);
}
// Telling the Server we have Finished.
dOut.writeBytes(boundary);
dOut.writeBytes("--");
dOut.writeBytes(CRLF);
dOut.flush ();
if(!stop) progress.setString("File(s) uploaded. Wait for server
response!");
bInp = new BufferedReader(new
InputStreamReader(urlConn.getInputStream ()));
Any ideas?