[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Savannah-users] emacs-w3m and savannah
|
From: |
Sylvain Beucler |
|
Subject: |
Re: [Savannah-users] emacs-w3m and savannah |
|
Date: |
Sat, 2 Dec 2006 23:24:22 +0100 |
|
User-agent: |
Mutt/1.5.13 (2006-08-11) |
Hi,
Emacs told me this:
"savannah.nongnu.org tried to set a cookie for domain .savannah.nongnu.org -
rejected. [4 times]"
... while (http://www.ietf.org/rfc/rfc2109.txt):
Domain=domain
Optional. The Domain attribute specifies the domain for which the
cookie is valid. _An explicitly specified domain must always start
with a dot._
(emphasis added)
Using '.sv.nongnu.org' means asking cookies to be sent to
*.sv.nongnu.org, which is used by a part of Savane for multi-site
authentication (eg both for Savane and Mailman archives authentication
at gna.org). Moreover adding the leading dot is apparently required.
emacs-w3m doesn't seem to behave according to the RFC, would you mind
reporting a bug to emacs-w3m?
--
Sylvain
On Fri, Dec 01, 2006 at 12:53:29AM +0100, address@hidden wrote:
> Sylvain Beucler <address@hidden> writes:
>
> > Do you get a warning about the https certificate? As I said, I think
> > w3m reject cookies if it doesn't trust it.
>
> No I dont appear to get this warning
>
> > Do you know where w3m stores the trusted CAs, so I can add SV's there?
> > Or is there an equivalent to curl's -k/--insecure option in w3m?
> >
> > w3m also sends me a warning about rejecting the unsecure cookie,
> > refering a RFC that says the Domain must be valid. Since the Domain is
> > optional, I don't use it for the cookie probe, and it should work. I
> > think the rejection is rather due to the https cert.
>
>
> there was a "accept bad cookies" setting in emacs-w3m. Im not sure
> what this translates to for the pure w3m. This setting didnt help
> however.
>
>
> > --
> > Sylvain
> >
> > On Fri, Dec 01, 2006 at 12:08:36AM +0100, address@hidden wrote:
> >> Sylvain Beucler <address@hidden> writes:
> >>
> >> emacs-w3m now proceeds a bit further, but Im still unable to login.
> >> I get this error:
> >>
> >> Error Error:Savane thinks your cookie are not activated for
> >> savannah.gnu.org. to log-in, we need you to activate cookies in your
> >> web browser for this website. please do so and click here:
> >> https://savannah.gnu.org/account/lo...;>
> >> then I c heck that cookies are acctiveated, and they seem to be, but I
> >> never get to login. The original certificate loop, or whatever it was,
> >> seems to be gone now at any rate.
> >>
> >>
> >> > On Mon, Oct 23, 2006 at 11:04:35PM +0200, Sylvain Beucler wrote:
> >> >> On Wed, Oct 18, 2006 at 05:24:51PM +0200, address@hidden wrote:
> >> >> > ...doesnt seem to interact well during login.
> >> >> > Any workarounds for this?
> >> >>
> >> >> I don't have work-arounds, but I'd be glad to better understand the
> >> >> source of this issue. I can reproduce it here, and apparently w3m is
> >> >> redirecting to the same URL in an endless loop (until the w3m max
> >> >> redirect is hit) - or so it seems.
> >> >
> >> > A bug was introduced, happening where when cookies were rejected
> >> > sv.nongnu.org while using the 'log to browser website' feature.
> >> >
> >> > This is fixed - I made the cookie detection before the login form is
> >> > submitted, using HTTP redirections, so the user is immediately told
> >> > about it.
> >> >
> >> >
> >> > So you should be able to login using w3m.
> >> >
> >> > I tried, but it complained about the fact our TLS certificate is not
> >> > signed by one of its Certificate Authority, and I couldn't find the
> >> > option to disable this :) so I didn't test.
> >> >
> >> > --
> >> > Sylvain
> >>
> >> --
> >> Joakim Verona
>
> --
> Joakim Verona
> http://www.verona.se