[nycphp-talk] lost sessions on redirect

Christina Karlhoff christinak at wll.com
Mon Feb 9 21:31:43 EST 2009


	Hi Chris,
	
	I used LiveHTTPHeaders and captured the following HTTP headers:
	
	http://www.wll.com/quote.php
	
	POST /quote.php HTTP/1.1
	Host: www.wll.com
	User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.5) Gecko/2008120122 Firefox/3.0.5
	Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
	Accept-Language: en-us,en;q=0.5
	Accept-Encoding: gzip,deflate
	Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
	Keep-Alive: 300
	Connection: keep-alive
	Referer: http://www.wll.com/quote.php
	Cookie: PHPSESSID=5257a97a577ea059bb286491a368c8d8
	Content-Type: application/x-www-form-urlencoded
	Content-Length: 565
	
print_blank_fields=1&Salutation=None&Contact_Name=&CompanyName=&AddressL
ine1=&AddressLine2=&City=&State=&Zip+Code=&Country=&Phone=&CellPhone=&Fa
x=&CustomerEmail=&CompanyWebsite=&HowManySamplesAvailable=&AnyExistingCe
rtification=&NameOfDevice=&VariationsInTheProduct=&HowManyIOCables=&Dime
nsionsSizeAndSetup=test&TransmitterReceiver%5B%5D=Transmitter&WhoIsTheUs
erOfEquipment=test&FCCICApproval=yes&MILSTDApproval=yes&ApprovalTypes=&T
argetCountries%5B%5D=USA&CommentsDescription=test&__ec_i=ec.1234232363.d
a9330995e5da194592cd2b63ff86d92&__ec_s=cl8xx&SUBMIT=Send+Form
	HTTP/1.x 302 Found
	Date: Tue, 10 Feb 2009 02:22:19 GMT
	Server: Apache/2.0.52 (CentOS)
	X-Powered-By: PHP/4.3.9
	Expires: Thu, 19 Nov 1981 08:52:00 GMT
	Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
	Pragma: no-cache
	Set-Cookie:
form=a%3A31%3A%7Bs%3A18%3A%22print_blank_fields%22%3Bs%3A1%3A%221%22%3Bs
%3A10%3A%22Salutation%22%3Bs%3A4%3A%22None%22%3Bs%3A12%3A%22Contact_Name
%22%3Bs%3A0%3A%22%22%3Bs%3A11%3A%22CompanyName%22%3Bs%3A0%3A%22%22%3Bs%3
A12%3A%22AddressLine1%22%3Bs%3A0%3A%22%22%3Bs%3A12%3A%22AddressLine2%22%
3Bs%3A0%3A%22%22%3Bs%3A4%3A%22City%22%3Bs%3A0%3A%22%22%3Bs%3A5%3A%22Stat
e%22%3Bs%3A0%3A%22%22%3Bs%3A8%3A%22Zip_Code%22%3Bs%3A0%3A%22%22%3Bs%3A7%
3A%22Country%22%3Bs%3A0%3A%22%22%3Bs%3A5%3A%22Phone%22%3Bs%3A0%3A%22%22%
3Bs%3A9%3A%22CellPhone%22%3Bs%3A0%3A%22%22%3Bs%3A3%3A%22Fax%22%3Bs%3A0%3
A%22%22%3Bs%3A13%3A%22CustomerEmail%22%3Bs%3A0%3A%22%22%3Bs%3A14%3A%22Co
mpanyWebsite%22%3Bs%3A0%3A%22%22%3Bs%3A23%3A%22HowManySamplesAvailable%2
2%3Bs%3A0%3A%22%22%3Bs%3A24%3A%22AnyExistingCertification%22%3Bs%3A0%3A%
22%22%3Bs%3A12%3A%22NameOfDevice%22%3Bs%3A0%3A%22%22%3Bs%3A22%3A%22Varia
tionsInTheProduct%22%3Bs%3A0%3A%22%22%3Bs%3A15%3A%22HowManyIOCables%22%3
Bs%3A0%3A%22%22%3Bs%3A22%3A%22DimensionsSizeAndSetup%22%3Bs%3A4%3A%22tes
t%22%3Bs%3A19%3A%22TransmitterReceiver%22%3Ba%3A1%3A%7Bi%3A0%3Bs%3A11%3A
%22Transmitter%22%3B%7Ds%3A23%3A%22WhoIsTheUserOfEquipment%22%3Bs%3A4%3A
%22test%22%3Bs%3A13%3A%22FCCICApproval%22%3Bs%3A3%3A%22yes%22%3Bs%3A14%3
A%22MILSTDApproval%22%3Bs%3A3%3A%22yes%22%3Bs%3A13%3A%22ApprovalTypes%22
%3Bs%3A0%3A%22%22%3Bs%3A15%3A%22TargetCountries%22%3Ba%3A1%3A%7Bi%3A0%3B
s%3A3%3A%22USA%22%3B%7Ds%3A19%3A%22CommentsDescription%22%3Bs%3A4%3A%22t
est%22%3Bs%3A6%3A%22__ec_i%22%3Bs%3A46%3A%22ec.1234232363.da9330995e5da1
94592cd2b63ff86d92%22%3Bs%3A6%3A%22__ec_s%22%3Bs%3A5%3A%22cl8xx%22%3Bs%3
A6%3A%22SUBMIT%22%3Bs%3A9%3A%22Send+Form%22%3B%7D; expires=Tue,
10-Feb-2009 02:27:19 GMT
	Location: http://www.wll.com/quote.php
	Content-Length: 0
	Connection: close
	Content-Type: text/html
	----------------------------------------------------------
	http://www.wll.com/quote.php
	
	GET /quote.php HTTP/1.1
	Host: www.wll.com
	User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.5) Gecko/2008120122 Firefox/3.0.5
	Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
	Accept-Language: en-us,en;q=0.5
	Accept-Encoding: gzip,deflate
	Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
	Keep-Alive: 300
	Connection: keep-alive
	Referer: http://www.wll.com/quote.php
	Cookie: PHPSESSID=5257a97a577ea059bb286491a368c8d8;
form=a%3A31%3A%7Bs%3A18%3A%22print_blank_fields%22%3Bs%3A1%3A%221%22%3Bs
%3A10%3A%22Salutation%22%3Bs%3A4%3A%22None%22%3Bs%3A12%3A%22Contact_Name
%22%3Bs%3A0%3A%22%22%3Bs%3A11%3A%22CompanyName%22%3Bs%3A0%3A%22%22%3Bs%3
A12%3A%22AddressLine1%22%3Bs%3A0%3A%22%22%3Bs%3A12%3A%22AddressLine2%22%
3Bs%3A0%3A%22%22%3Bs%3A4%3A%22City%22%3Bs%3A0%3A%22%22%3Bs%3A5%3A%22Stat
e%22%3Bs%3A0%3A%22%22%3Bs%3A8%3A%22Zip_Code%22%3Bs%3A0%3A%22%22%3Bs%3A7%
3A%22Country%22%3Bs%3A0%3A%22%22%3Bs%3A5%3A%22Phone%22%3Bs%3A0%3A%22%22%
3Bs%3A9%3A%22CellPhone%22%3Bs%3A0%3A%22%22%3Bs%3A3%3A%22Fax%22%3Bs%3A0%3
A%22%22%3Bs%3A13%3A%22CustomerEmail%22%3Bs%3A0%3A%22%22%3Bs%3A14%3A%22Co
mpanyWebsite%22%3Bs%3A0%3A%22%22%3Bs%3A23%3A%22HowManySamplesAvailable%2
2%3Bs%3A0%3A%22%22%3Bs%3A24%3A%22AnyExistingCertification%22%3Bs%3A0%3A%
22%22%3Bs%3A12%3A%22NameOfDevice%22%3Bs%3A0%3A%22%22%3Bs%3A22%3A%22Varia
tionsInTheProduct%22%3Bs%3A0%3A%22%22%3Bs%3A15%3A%22HowManyIOCables%22%3
Bs%3A0%3A%22%22%3Bs%3A22%3A%22DimensionsSizeAndSetup%22%3Bs%3A4%3A%22tes
t%22%3Bs%3A19%3A%22TransmitterReceiver%22%3Ba%3A1%3A%7Bi%3A0%3Bs%3A11%3A
%22Transmitter%22%3B%7Ds%3A23%3A%22WhoIsTheUserOfEquipment%22%3Bs%3A4%3A
%22test%22%3Bs%3A13%3A%22FCCICApproval%22%3Bs%3A3%3A%22yes%22%3Bs%3A14%3
A%22MILSTDApproval%22%3Bs%3A3%3A%22yes%22%3Bs%3A13%3A%22ApprovalTypes%22
%3Bs%3A0%3A%22%22%3Bs%3A15%3A%22TargetCountries%22%3Ba%3A1%3A%7Bi%3A0%3B
s%3A3%3A%22USA%22%3B%7Ds%3A19%3A%22CommentsDescription%22%3Bs%3A4%3A%22t
est%22%3Bs%3A6%3A%22__ec_i%22%3Bs%3A46%3A%22ec.1234232363.da9330995e5da1
94592cd2b63ff86d92%22%3Bs%3A6%3A%22__ec_s%22%3Bs%3A5%3A%22cl8xx%22%3Bs%3
A6%3A%22SUBMIT%22%3Bs%3A9%3A%22Send+Form%22%3B%7D
	
	HTTP/1.x 200 OK
	Date: Tue, 10 Feb 2009 02:22:20 GMT
	Server: Apache/2.0.52 (CentOS)
	X-Powered-By: PHP/4.3.9
	Expires: Thu, 19 Nov 1981 08:52:00 GMT
	Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
	Pragma: no-cache
	Set-Cookie: form=deleted; expires=Mon, 11-Feb-2008 02:22:19 GMT
	Connection: close
	Transfer-Encoding: chunked
	Content-Type: text/html
	----------------------------------------------------------
	
	http://www.wll.com//captcha/captcha.php?__ec_i=ec.1234232540.05ead51af64ae99216682f155c9f4ceb&
	
	GET //captcha/captcha.php?__ec_i=ec.1234232540.05ead51af64ae99216682f155c9f4ceb& HTTP/1.1
	Host: www.wll.com:80
	User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.5) Gecko/2008120122 Firefox/3.0.5
	Accept: image/png,image/*;q=0.8,*/*;q=0.5
	Accept-Language: en-us,en;q=0.5
	Accept-Encoding: gzip,deflate
	Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
	Keep-Alive: 300
	Connection: keep-alive
	Referer: http://www.wll.com/quote.php
	Cookie: PHPSESSID=5257a97a577ea059bb286491a368c8d8
	
	HTTP/1.x 200 OK
	Date: Tue, 10 Feb 2009 02:22:20 GMT
	Server: Apache/2.0.52 (CentOS)
	X-Powered-By: PHP/4.3.9
	Pragma: no-cache
	Cache-Control: no-cache, no-store, must-revalidate, private
	Expires: Tue, 10 Feb 2009 02:22:20 +0000
	Content-Length: 5849
	Connection: close
	Content-Type: image/jpeg
	----------------------------------------------------------
	http://downloads.thespringbox.com/web/wrapper.php?file=68671.sbw
	
	GET /web/wrapper.php?file=68671.sbw HTTP/1.1
	Host: downloads.thespringbox.com
	User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.5) Gecko/2008120122 Firefox/3.0.5
	Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
	Accept-Language: en-us,en;q=0.5
	Accept-Encoding: gzip,deflate
	Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
	Keep-Alive: 300
	Connection: keep-alive
	Referer: http://www.wll.com/quote.php
	
	HTTP/1.x 200 OK
	Server: Apache/2.2.8 (Unix) PHP/5.2.5 with Suhosin-Patch
	X-Powered-By: PHP/5.2.5
	Content-Length: 49750
	Content-Type: application/x-shockwave-flash
	Expires: Tue, 10 Feb 2009 02:22:20 GMT
	Cache-Control: max-age=0, no-cache
	Pragma: no-cache
	Date: Tue, 10 Feb 2009 02:22:20 GMT
	Connection: keep-alive
	----------------------------------------------------------
	
	http://data.fimlabs.net/amfToRest.php?host=downloads%2Ethespringbox%2Ecom&page=&widget%5Fname=68671&rf=loadVars&method=checkPermissions&service=TheSpringBox
	
	GET /amfToRest.php?host=downloads%2Ethespringbox%2Ecom&page=&widget%5Fname=68671&rf=loadVars&method=checkPermissions&service=TheSpringBox HTTP/1.1
	Host: data.fimlabs.net
	User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.5) Gecko/2008120122 Firefox/3.0.5
	Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
	Accept-Language: en-us,en;q=0.5
	Accept-Encoding: gzip,deflate
	Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
	Keep-Alive: 300
	Connection: keep-alive
	
	HTTP/1.x 200 OK
	Server: Apache/2.2.8 (Unix) PHP/5.2.5 with Suhosin-Patch
	X-Powered-By: PHP/5.2.5
	Content-Length: 277
	Content-Type: text/html
	Date: Tue, 10 Feb 2009 02:22:21 GMT
	Connection: keep-alive
	----------------------------------------------------------
	http://cdn.thespringbox.com/analytics/uid.php?user%5Fid=%2D1
	
	GET /analytics/uid.php?user%5Fid=%2D1 HTTP/1.1
	Host: cdn.thespringbox.com
	User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.5) Gecko/2008120122 Firefox/3.0.5
	Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
	Accept-Language: en-us,en;q=0.5
	Accept-Encoding: gzip,deflate
	Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
	Keep-Alive: 300
	Connection: keep-alive
	Cookie: uid=e0891c95ad969d6633244de473cf2377; NSC_gjnmbc-qspe=440f89bb3660
	
	HTTP/1.x 200 OK
	Date: Tue, 10 Feb 2009 02:22:21 GMT
	Server: Apache/2.2.8 (Unix) PHP/5.2.5 with Suhosin-Patch
	X-Powered-By: PHP/5.2.5
	Content-Length: 36
	Keep-Alive: timeout=390, max=9069
	Connection: Keep-Alive
	Content-Type: text/html
	Set-Cookie: NSC_gjnmbc-qspe=440f89bb3660;expires=Tue, 10-Feb-09 02:27:21 GMT;path=/
	----------------------------------------------------------
	
	http://downloads.thespringbox.com/widgets/download.php?file=RSS%20Reader.sbw
	
	GET /widgets/download.php?file=RSS%20Reader.sbw HTTP/1.1
	Host: downloads.thespringbox.com
	User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.5) Gecko/2008120122 Firefox/3.0.5
	Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
	Accept-Language: en-us,en;q=0.5
	Accept-Encoding: gzip,deflate
	Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
	Keep-Alive: 300
	Connection: keep-alive
	
	HTTP/1.x 200 OK
	Server: Apache/2.2.8 (Unix) PHP/5.2.5 with Suhosin-Patch
	X-Powered-By: PHP/5.2.5
	Content-Length: 75238
	Content-Type: application/sbw
	Date: Tue, 10 Feb 2009 02:22:21 GMT
	Connection: keep-alive
	----------------------------------------------------------
	
