Kjetil Kjernsmo wrote:

>We have seen a problem with server errors when getting malformed
>cookies. The problem has been seen before, we found from googling [1],
>but it is not clear how we should address this. We are not quite
>positive about the source of the malformed cookies, (it may have been
>only test code, it may have been old sins) but it seems like FF is
>sending them back as they were, while Opera makes an effort to make
>them valid. :-)
>The problem then occurs if there is a malformed cookie in the jar, if
>any cookie is attempted to be read, libapreq2 dies.
>First of all, is it the intended behavior that libapreq2 should die
>under these circumstances? If yes, are we supposed to deal with this by
>putting each read of a cookie in an eval block?

With Apache2::Cookie, I had server error problems with undefined values in
cookies that had previously worked fine with CGI::Cookie. I fixed the
problem by adding the lines below with the plus sign in front of them to the
Apache2::Cookie module:

sub freeze {
my ($class, $value) = @_;
die 'Usage: Apache2::Cookie->freeze($value)' unless @_ == 2;

if (not ref $value) {
return encode($value);
elsif (UNIVERSAL::isa($value, "ARRAY")) {
+ $_ ||= 0 for (@$value);
return join '&', map encode($_), @$value;
elsif (UNIVERSAL::isa($value, "HASH")) {
+ for (keys %$value) { $$value{$_} ||= 0; }
return join '&', map encode($_), %$value;

die "Can't freeze reference: $value";

sub thaw {
my $c = shift;
my @rv = split /&/, @_ ? shift : $c->SUPER::value;
+ $_ ||= 0 for (@rv);
return wantarray ? map decode($_), @rv : decode($rv[0]);