Cookie splitting with Apache XSSI

| No Comments

Reference :


Cookies can be split up pretty simply using XSSI's 'if expr' statement and the Perl compatible regular expressions (PCRE) it is capable of.

Simple string testing

Simply testing the cookie for contents, which is just a string like any other when it comes to testing, is just the case of seeing if it contains a value.

<!--#if expr="$HTTP_COOKIE = /BBCNewsAudience=Domestic/" -->
<!--#set var="version" value="Domestic" -->
<!--#endif -->

You will note the '/'s, this is how we test a string for part of its contents, it also enables the regular expressions syntax, so you need to be a little careful with what you are looking for.

If you are trying to test to see if a string IS a certain value, and not contain it then we would use the single quote model. For this to be relavant to our cookie model, first we need to separate the cookie string into its component value pairs (this = that).

Splitting up the cookie

Reference -

We have a simple, but effective, tool for splitting up strings with patterns of separators and delimiters. What are separators/delimiters you may ask? Of a set of value pairs, e.g. a=4&b=6, '=' is the separator of the pair, and '&' is the delimiter between the pair and the next pair.

The tool is 'setsplitvars', as referenced above, which is only available on BBC servers rather than in the Apache core (but available as an open source module). It is used in this case as follows, where in a cookie string '=' is the separator and ';' is the delimiter in cookies.

<!--#setsplitvars delimiter="; " separator="=" value="$HTTP_COOKIE" -->

So taking an example cookie string of:

BBCNewsUI=2-1-n-5-%5E; BBCNewsAudience=Domestic; BBCNewsAudcWght=-99; BBCMediaSelector=m%3Arm%26b%3Abb%26st%3A

We can split it as above and get the varibles, 'BBCNewsUI' equal to '2-1-n-5-%5E', and so on.

Now at this point we could just test the content of the resulting variables

<!--#if expr="$BBCNewsAudience = 'Domestic'" -->
<!--#set var="Domestic" value="true" -->
<!--#endif -->

Of course that's not so useful, given that we had that at stage 1, but you should note that this time we are testing for a specific value, by using single quotes (') rather than '/'. So the former model could match '', but this model will only match 'Domestic' alone as a discrete value.

Patterned Data

So we've worked out how to see if a variable has a specific value, but what if we don't know what that value is. In this case we use Regular expressions. Regular expressions

Refernce Cookie Data
BBC-UID=2453a833b3c9e20423088438713c91413aef9dddb0f06093eb9aec287bc5ddaa0Mozilla%2f5%2e0%20%28Windows%3b%20U%3b%20Windows%20NT%205%2e0%3b%20en%2dUS%3b%20rv%3a1%2e7%2e12%29%20Gecko%2f20050915%20Firefox%2f1%2e0%2e7; BBCpostcoder=PSTCM17 0DL:QRYCM17 0DL:LEA881:TVR4164.4228:WEA4585:CCI22:CON300:CTY11:CRM:DSTCM17:EUR6:LAU22UJ:LST32:NHSQ03:TWN675:RAD52273:WRD22UJGA:TIM:WIL14:MATpostcode; BBCNewsUI=2-1-n-5-%5E; BBCNewsAudience=Domestic; BBCNewsAudcWght=-99; BBCMediaSelector=m%3Arm%26b%3Abb%26st%3A

Leave a comment


Recent Comments

  • nickh: Daniel is right here, asleep in his bouncy chair. Very read more
  • Caroline Yates: You should keep cight for personal stuff and funny stuff read more
  • Meri: Whoops, the first comment was meant to go to your read more
  • Meri: Main thing that I would say is before you give read more
  • Meri: Have you tried the daily posting feature? You can set read more
  • Carlos Contreras: Would you like to see my work? bye read more
  • kyle: hey way better cricket game out there!! read more
  • andrew tomlinson: this game is wicked and adictive thanks for it. read more
  • Jay: Hello there, My name is jay,I love this game and read more
  • Mayuresh Kadu: Found you via geourl. Seems we live a few minutes read more
OpenID accepted here Learn more about OpenID


Find recent content on the main index or look in the archives to find all content.