Project

General

Profile

Bug #1790

Using $HTTP["cookie"]

Added by Anonymous almost 11 years ago. Updated over 10 years ago.

Status:
Invalid
Priority:
Normal
Assignee:
Category:
core
Target version:
Start date:
Due date:
% Done:

0%

Estimated time:
Missing in 1.5.x:

Description

I'm using this line in my configuration:
server.document-root = "/var/www/sheezyart/public"
$HTTPcookie =~ "sandbox" {
server.document-root = "/var/www/sheezyart_cc/public"
}
The problem is that LIGHTTPD follows this rule randomly. I am unaware how to debug this, but I can reproduce it:

I made a script at:
http://www.sheezyart.com/test_set.php
that will set the sandbox cookie.

When you go here and refresh, you will notice that the change to the document root only applies half of the time:
http://www.sheezyart.com/test_get.php

Without being able to use this configuration option, I cannot sandbox easily on my server.

-- channelcat

History

#1

Updated by icy over 10 years ago

  • Status changed from New to Need Feedback
  • Patch available set to No

Can't reproduce. Is this resolved?

#2

Updated by icy over 10 years ago

  • Target version changed from 1.4.21 to 1.4.22
#3

Updated by stbuehler over 10 years ago

  • Status changed from Need Feedback to Missing Feedback
#4

Updated by channelcat over 10 years ago

  • Status changed from Missing Feedback to Reopened

I've upgraded to 1.4.22 and I'm still having the same issues, so maybe my config can help make this reproducible:

Here's the host part of my config:

$HTTP["host"] =~ "sheezyart\.com$" {

        url.rewrite-once = (
                "/crossdomain.xml" => "/crossdomain.xml",
                "/(.*)\.xml" => "/dispatch.php",
                "/(.*)\.(.*)" => "$0",
                "^(.*)$" => "/dispatch.php" 
        )

        server.document-root = "/var/www/sheezyart/public" 

        $HTTP["cookie"] =~ "sandbox" {
                server.document-root = "/var/www/sheezyart_cc/public" 
        }

        server.max-keep-alive-requests = 0
        server.max-keep-alive-idle = 0
        server.max-read-idle = 10
        server.max-write-idle = 10

        server.errorfile-prefix = "/var/www/sheezyart/public/errors/status-" 
}

Other config settings:

server.event-handler = "linux-sysepoll" 

server.modules = (
  "mod_rewrite",
  "mod_access",
  "mod_status",
  "mod_fastcgi",
  "mod_simple_vhost",
  "mod_compress",
  "mod_expire" ,
  "mod_secdownload" 
)

server.document-root = "/var/www" 
server.errorlog      = "/var/log/lighttpd.log" 
server.indexfiles    = ( "index.php", "index.html", "index.htm", "default.htm" )

mimetype.assign             = (
  ".swf"          =>      "application/x-shockwave-flash",
  ".zip"          =>      "application/zip",
  ".mp3"          =>      "audio/mpeg",
  ".wma"          =>      "audio/x-ms-wma",
  ".ogg"          =>      "audio/x-wav",
  ".wav"          =>      "audio/x-wav",
  ".gif"          =>      "image/gif",
  ".jpg"          =>      "image/jpeg",
  ".png"          =>      "image/png",
  ".css"          =>      "text/css",
  ".html"         =>      "text/html",
  ".htm"          =>      "text/html",
  ".js"           =>      "text/javascript",
  ".mpg"          =>      "video/mpeg",
  ".mov"          =>      "video/quicktime",
  ".avi"          =>      "video/x-msvideo",
  ".wmv"          =>      "video/x-ms-wmv",
  ".xml"          =>      "text/xml" 
)

static-file.exclude-extensions = ( ".fcgi", ".php", ".rb", "~", ".inc" )

server.pid-file            = "/var/run/lighttpd.pid" 
server.username            = "www" 
server.groupname           = "www" 

server.max-worker          = 4
server.max-fds             = 2048

status.status-url          = "/www-status" 
status.config-url          = "/www-config" 

compress.cache-dir         = "/tmp" 
compress.filetype          = ("text/plain", "text/html", "text/css", "application/x-javascript", "text/javascript")
compress.cache-dir         = "/tmp" 
compress.filetype          = ("text/plain", "text/html", "text/css", "application/x-javascript", "text/javascript")

fastcgi.server          = ( ".php" =>
                      ( "localhost" => (
                        "socket" => "/tmp/php.socket",
                        "bin-path" => "/usr/local/bin/php-cgi",
                        "check-local" => "disable",
                        "max-procs" => 2,
                        "idle-timeout" => 60,
                        "bin-environment" => (
                                 "PHP_FCGI_CHILDREN" => "16",
                                 "PHP_FCGI_MAX_REQUESTS" => "10000" 
                        ),
                        "broken-scriptfilename" => "enable" 
                 )
        )
)

I'm setting the sandbox cookie in PHP with

setcookie('sandbox', $folder, time()+60*60*24*30, '/', '.sheezyart.com');

I took down the test set and get files that I posted originally, but if it helps, I can put those back up.
It's also notable that this issue applies to both static and dynamic content and all browsers. I battle this frequently when applying the sandbox cookie and testing changes to a stylesheet and the server root keeps jumping back and forth when I refresh or ask others to review changes.

#5

Updated by channelcat over 10 years ago

FINALLY, I found the issue. When I disabled mod_simple_vhost the issue went away, and turning it back on would make it occur again.

Before disabling modules and finding the cause of the issue, I noticed that

        server.document-root = "/var/www/sheezyart/public" 
        $HTTP["cookie"] =~ "sandbox" {
                server.document-root = "/var/www/sheezyart_cc/public" 
        }

worked in reverse as well
        $HTTP["cookie"] =~ "sandbox" {
                server.document-root = "/var/www/sheezyart_cc/public" 
        }
        server.document-root = "/var/www/sheezyart/public" 

From what it seems, mod_simple_vhost was stopping the second server.document-root setting from overriding the first (seemingly randomly, maybe a caching issue?).

#6

Updated by stbuehler over 10 years ago

  • Status changed from Reopened to Invalid

the order of options in a block doesn't matter (only for generating arrays with += while evaluating the config); the order of the blocks matters of course.
as the outer doc-root is in the same block in both examples the result is the same.

I admit it may be sometimes difficult to understand the config... but i can't do anything about that :)

Also available in: Atom