Why doesn't Safari set the cookies from my Perl CGI script?

Question

I have a Perl-based website that attempts to set a number of cookies on the users first visit and I just noticed that Safari has stopped setting all but the first cookie that is passed. On first visit two cookies should be set which are 'location' and 'referrer'. In IE and Firefox the cookies are being set correctly but Safari is only setting the 'location' cookie. I tried changing the names, values, etc. and the conclusion I've come to is that Safari is just setting the first of the two cookies:

Here is the code that is setting the cookies:

# Add location cookie if necessary
if(!$query->cookie('location') && $user_location) {
    my $cookie = $query->cookie(-name=>'location',-value=>qq|$user_lcoation|,-domain=>".domain.com",-path=>'/',-expires=>'+1Y');
    push(@cookies,$cookie);
}

# Add referrer if first visit
if(!$query->cookie('referrer')) {
    if($ENV{'HTTP_REFERER'}) {
        my $cookie = $query->cookie(-name=>'referrer',-value=>$ENV{'HTTP_REFERER'},-domain=>".domain.com",-path=>'/',-expires=>'+3M');
        push(@cookies,$cookie);
    }
    else {
        my $cookie = $query->cookie(-name=>'referrer',-value=>'unknown',-domain=>".domain.com",-path=>'/',-expires=>'+3M');
        push(@cookies,$cookie);
    }
}

if(scalar(@cookies)) {
    print $query->header(-cookie=>\@cookies);
}

Here is what I get when I try to access the website from curl:

curl -so /dev/null -D - http://domain.com

HTTP/1.1 200 OK
Date: Thu, 18 Feb 2010 20:19:17 GMT
Server: Apache/2.0.63 (Unix) mod_ssl/2.0.63 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5.2.8 mod_perl/2.0.4 Perl/v5.8.8
Set-Cookie: location=Dallas; domain=.domain.com; path=/; expires=+1Y
Set-Cookie: referrer=unknown; domain=.domain.com; path=/; expires=Wed, 19-May-2010 20:19:20 GMT
Transfer-Encoding: chunked
Content-Type: text/html; charset=ISO-8859-1

Any ideas? I'm at a loss as to what I can do to help resolve this issue since it seems that my script is passing them correctly. Thanks in advance for any insights or ideas you might have!

Answer 1

Look at the expires date on the first cookie header -- it's a literal +1Y instead of the actual standard datestamp that it should be. My guess is that your version of Safari is choking on this and simply refuses to parse the remaining cookie headers.

To set a one-year expiration date, the correct syntax is -expires => '+1y' (lowercase Y).

Answer 2

Try upgrading CGI.pm (do cpan CGI). I had similar problem with cookies that was solved by CGI.pm upgrade.

Answer 3

a bit late for an aswer, but later better than never : a simple way, without having to reinstall/update CGI.pm, is to specify the date you want your cookie to expire, using DateTime.pm :

my $cookie = CGI->new->cookie(
    -name=>'cookie_name',
    -value=>'value',
    -domain=>$ENV{'HTTP_HOST'},
    -expires=>((DateTime->now->set_time_zone('local'))->add(months=>1)->strftime("%a, %d %b %Y %I:%M:%S GMT")),
    -path=>'/',
);

there i've got a cookie that will last for 1 month. I tested it on safari under XP, works fine. hope this will help