I put this on the new redmine forum but thought I'd put it here in case any of you have some suggestions.

* Issue:

We write at least two, and sometimes three cookies to a user's browser for each request we get. We are running a Perl FastCGI application with ~1.5 million requests per day per server. We set and read the cookie with Perl's CGI methods - creating the cookie header string with the 'cookie' method and setting it with the 'header' method.

I've been tracking down problems with the cookies as read from users. Sometimes cookies contain partial data - other times they hold very odd data.

This is a complete cookie example:

488:2:63347047828:1:1:34:412:63347047828:1:2|

They are 10 colon-separated values followed by a pipe - so even if a value is undefined it would print a :: where the value should have been.

We are seeing very odd cookie values that don't appear to be coming from a bug in our code, such as:

1031: 367:1:63349336033:1:255:15:96:633493 1123:1:63349302

Here is a particularly odd one:

, $Version=1

I thought that this could be related to bug http://trac.lighttpd.net/trac/ticket/1628

So I upgraded to 1.4.20, but the errors continue to happen. I can tell that they aren't pre-upgrade cookies by looking at the timestamp in the cookies. Furthermore, I simplified the code so we only set one cookie per request and find that the problem still exists.

* Operating System (OS)

openSUSE 10.3 (X86-64) VERSION = 10.3

* Version of Lighttpd

currently lighttpd/1.4.20 but saw the same thing with lighttpd/1.4.19

* What client you used (Browser, curl, etc.)

I haven't been able to recreate on my own - these are user cookies I'm finding. I could track the browser but haven't done that yet... not sure if it's worth it.

* Configuration you are using

<pre>
# lighttpd configuration file
#
# use it as a base for lighttpd 1.0.0 and above
#
# $Id: lighttpd.conf,v 1.7 2004/11/03 22:26:05 weigon Exp $

############ Options you really have to take care of ####################

## modules to load
# at least mod_access and mod_accesslog should be loaded
# all other module should only be loaded if really neccesary
# - saves some time
# - saves memory
server.modules = (
    "mod_rewrite",
#   "mod_redirect",
    "mod_alias",
    "mod_access",
#   "mod_cml",
#   "mod_trigger_b4_dl",
#   "mod_auth",
#   "mod_status",
#   "mod_setenv",
    "mod_fastcgi",
#   "mod_proxy",
#   "mod_simple_vhost",
#   "mod_evhost",
#   "mod_userdir",
    "mod_cgi",
#   "mod_compress",
#   "mod_ssi",
#   "mod_usertrack",
#   "mod_expire",
#   "mod_secdownload",
#   "mod_rrdtool",
    "mod_accesslog" )

## a static document-root, for virtual-hosting take look at the
## server.virtual-* options
server.document-root = "/srv/www/htdocs/"

## where to send error-messages to
server.errorlog = "/var/log/lighttpd/error.log"

# files to check for if .../ is requested
index-file.names = ( "index.html")

## set the event-handler (read the performance section in the manual)
# server.event-handler = "freebsd-kqueue" # needed on OS X

# mimetype mapping
mimetype.assign = (
    ".pdf" => "application/pdf",
    ".sig" => "application/pgp-signature",
    ".spl" => "application/futuresplash",
    ".class" => "application/octet-stream",
    ".ps" => "application/postscript",
    ".torrent" => "application/x-bittorrent",
    ".dvi" => "application/x-dvi",
    ".gz" => "application/x-gzip",
    ".pac" => "application/x-ns-proxy-autoconfig",
    ".swf" => "application/x-shockwave-flash",
    ".tar.gz" => "application/x-tgz",
    ".tgz" => "application/x-tgz",
    ".tar" => "application/x-tar",
    ".zip" => "application/zip",
    ".mp3" => "audio/mpeg",
    ".m3u" => "audio/x-mpegurl",
    ".wma" => "audio/x-ms-wma",
    ".wax" => "audio/x-ms-wax",
    ".ogg" => "application/ogg",
    ".wav" => "audio/x-wav",
    ".gif" => "image/gif",
    ".jpg" => "image/jpeg",
    ".jpeg" => "image/jpeg",
    ".png" => "image/png",
    ".xbm" => "image/x-xbitmap",
    ".xpm" => "image/x-xpixmap",
    ".xwd" => "image/x-xwindowdump",
    ".css" => "text/css",
    ".html" => "text/html",
    ".htm" => "text/html",
    ".js" => "text/javascript",
    ".asc" => "text/plain",
    ".c" => "text/plain",
    ".cpp" => "text/plain",
    ".log" => "text/plain",
    ".conf" => "text/plain",
    ".text" => "text/plain",
    ".txt" => "text/plain",
    ".dtd" => "text/xml",
    ".xml" => "text/xml",
    ".mpeg" => "video/mpeg",
    ".mpg" => "video/mpeg",
    ".mov" => "video/quicktime",
    ".qt" => "video/quicktime",
    ".avi" => "video/x-msvideo",
    ".asf" => "video/x-ms-asf",
    ".asx" => "video/x-ms-asf",
    ".wmv" => "video/x-ms-wmv",
    ".bz2" => "application/x-bzip",
    ".tbz" => "application/x-bzip-compressed-tar",
    ".tar.bz2" => "application/x-bzip-compressed-tar",
    # default mime type
    "" => "application/octet-stream",
)

# Use the "Content-Type" extended attribute to obtain mime type if possible
#mimetype.use-xattr = "enable"

## send a different Server: header
## be nice and keep it at lighttpd
# server.tag = "lighttpd"

#### accesslog module
accesslog.filename = "/var/log/lighttpd/access.log"
accesslog.format = "%{Udm_Remote_Addr}i %V %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\""

## deny access the file-extensions
#
# ~ is for backupfiles from vi, emacs, joe, ...
# .inc is often used for code includes which should in general not be part
# of the document-root
url.access-deny = ( "~", ".inc" )

$HTTP["url"] =~ "\.pdf$" {
    server.range-requests = "disable"
}

##
# which extensions should not be handle via static-file transfer
#
# .php, .pl, .fcgi are most often handled by mod_fastcgi or mod_cgi
static-file.exclude-extensions = ( ".php", ".pl", ".fcgi", ".fetch", ".cpx" )

######### Options that are good to be but not neccesary to be changed #######

## bind to port (default: 80)
server.port = 80

## bind to localhost (default: all interfaces)
#server.bind = "127.0.0.1"

## error-handler for status 404
#server.error-handler-404 = "/error-handler.html"
#server.error-handler-404 = "/error-handler.php"

## to help the rc.scripts
server.pid-file = "/var/run/lighttpd.pid"

###### virtual hosts
##
## If you want name-based virtual hosting add the next three settings and load
## mod_simple_vhost
##
## document-root =
## virtual-server-root + virtual-server-default-host + virtual-server-docroot
## or
## virtual-server-root + http-host + virtual-server-docroot
##
#simple-vhost.server-root = "/srv/www/vhosts/"
#simple-vhost.default-host = "www.example.org"
#simple-vhost.document-root = "/htdocs/"

##
## Format: <errorfile-prefix><status-code>.html
## -> ..../status-404.html for 'File not found'
#server.errorfile-prefix = "/usr/share/lighttpd/errors/status-"
#server.errorfile-prefix = "/srv/www/errors/status-"

## virtual directory listings
#dir-listing.activate = "enable"

## enable debugging
#debug.log-request-header = "enable"
#debug.log-response-header = "enable"
#debug.log-request-handling = "enable"
#debug.log-file-not-found = "enable"

### only root can use these options
#
# chroot() to directory (default: no chroot() )
#server.chroot = "/"

## change uid to <uid> (default: don't care)
server.username = "lighttpd"

## change uid to <uid> (default: don't care)
server.groupname = "lighttpd"

fastcgi.debug = 0
fastcgi.server= (".fetch" =>
    ("udmfoo" =>
        (
            "socket" => "/tmp/lighttpd-fcgi.socket",
            "bin-path" => "/srv/www/cgi-bin/img.fetch",
            "max-load-per-proc" => 3,
            "min-procs" => 4,
            "max-procs" => 8,
            "idle-timeout" => 60
        )
    )
)

#### CGI module
cgi.assign = ( ".pl" => "/usr/bin/perl",
               ".cgi" => "/usr/bin/perl",
               ".cpx" => "/usr/bin/perl")

$SERVER["socket"] == ":443" {
    ssl.engine = "enable"
    ssl.pemfile = "/etc/cert/www_udmserve_net.pem"
    ssl.ca-file = "/etc/cert/DigiCertCA.crt"
    server.name = "udmserve.net"
    server.document-root = "/srv/www/htdocs/"
}
)

#### url handling modules (rewrite, redirect, access)
#url.rewrite = ( "^/$" => "/server-status" )

# this line allows img.cpx calls to be pushed to the fcgi server, remove when we no longer need it
url.rewrite = ( "^/udm/img.cpx(.*)$" => "/udm/img.fetch$1" )

alias.url = ( "/udm/" => "/srv/www/cgi-bin/")
</pre>
on 23.10.2008 22:28
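
An added example, not part of the original post: a triage script that sorts cookie values read back from clients against the format the post describes (ten colon-separated values, then a pipe). The all-digit field rule, the class names and the whitespace split of the odd values are assumptions made here.

```python
import re
from collections import Counter

FIELDS = 10  # per the post: ten colon-separated values, then a pipe

# Assumption: every field is digits or empty (an undefined value prints as "::").
COMPLETE = re.compile(r"(?:\d*:){%d}\d*\|" % (FIELDS - 1))
PREFIX = re.compile(r"[\d:]*")
# "$Version", "$Path", "$Domain" (RFC 2109) and "$Port" (RFC 2965) are
# Cookie-header attributes sent by some clients, not application data.
ATTR = re.compile(r"\$(?:Version|Path|Domain|Port)\b")


def classify(value: str) -> str:
    """Return 'complete', 'cookie-attr', 'truncated' or 'malformed'."""
    v = value.strip()
    if COMPLETE.fullmatch(v):
        return "complete"
    if ATTR.search(v):
        return "cookie-attr"
    # Only digits and colons, with no more separators than a full value has:
    # this is a leading fragment of a well-formed value.
    if v and PREFIX.fullmatch(v) and v.count(":") < FIELDS:
        return "truncated"
    return "malformed"


def triage(values):
    """Count each class and keep the non-complete values for review."""
    counts, suspects = Counter(), []
    for v in values:
        kind = classify(v)
        counts[kind] += 1
        if kind != "complete":
            suspects.append((kind, v))
    return counts, suspects


# Values quoted in the post; the odd ones are split on whitespace (assumption).
SAMPLES = [
    "488:2:63347047828:1:1:34:412:63347047828:1:2|",
    "1031:",
    "367:1:63349336033:1:255:15:96:633493",
    "1123:1:63349302",
    ", $Version=1",
]

if __name__ == "__main__":
    counts, suspects = triage(SAMPLES)
    print(dict(counts))
    for kind, v in suspects:
        print(f"{kind:12} {v!r}")
```

Logging the class together with the User-Agent of each non-complete value separates fragments of the application's own cookie from header syntax the client added.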

