cgi.tcl y2k issue(?) 
Author Message
 cgi.tcl y2k issue(?)

proc cgi_cookie_set {nameval args} {
...
    if {[regexp "^expires=(.*)" $a dummy expiration]} {
        if {0==[string compare $expiration "never"]} {
            set expiration "Friday, 31-Dec-99 23:59:59 GMT"
...

Quote:
}

uh-oh...after dec 31 1999, everyone's cookies are going to stop saving..

-kl



Wed, 05 Jun 2002 03:00:00 GMT  
 cgi.tcl y2k issue(?)

Quote:

> proc cgi_cookie_set {nameval args} {
> ...
>     if {[regexp "^expires=(.*)" $a dummy expiration]} {
>         if {0==[string compare $expiration "never"]} {
>             set expiration "Friday, 31-Dec-99 23:59:59 GMT"
> ...
> }

> uh-oh...after dec 31 1999, everyone's cookies are going to stop saving..

Yes, it's rather bizarre that a specification written only a few years
ago could allow this.  The original Netscape documentation only
allowed two-digit dates - with no interpretation of what they meant...

RFC2109 (dated 2/97) noted the Netscape behavior without comment
or improvement.

I see that Netscape's cookie documentation now provides 4-digit years
(and makes no mention of RFC2109).  So I'll change the code although
we have no idea which browsers allow 4-digits vs 2.  But I guess it
hardly matters, since the 2-digit version is almost certain to do the
wrong thing come Y2K anyway.

Don



Fri, 07 Jun 2002 03:00:00 GMT  
 
 [ 2 post ] 

 Relevant Pages 

1. Any security issues using TCL for CGI?

2. Clarion 2.1 Y2K Issue patchy2k.exe no work!!

3. Y2K Issues in CDD for DOS

4. Y2K testing issues with Report Writer

5. Any Y2K issues for CPD v2.1

6. Y2k issue

7. Need Urgent Help- Y2K issue

8. New Y2k Issue

9. Y2k Issue

10. Thanks - Y2K PROGRAM CHECKER Issues

11. Y2K Issues

12. OT: OS/390 Y2K issue

 

 
Powered by phpBB® Forum Software