[pve-devel] API: Problem with special characters in cookie ticket

Floris Bos / Maxnet bos at je-eigen-domein.nl
Mon Dec 26 15:13:21 CET 2011


We noticed a problem when using the Zend_HTTP_Client class that comes 
with the Zend PHP framework to access the Proxmox 2 API.
It seems Zend automatically urlencodes any cookie you set with 
->setCookie(), and Proxmox does not accept that

GET /api2/json/nodes HTTP/1.1
User-Agent: Zend_Http_Client

HTTP/1.1 401 permission denied - invalid ticket

Not sure if it is only Zend that does that, or if there might be other 
HTTP clients that do the same.
But perhaps Proxmox could either avoid special characters in the ticket, 
or test if the value starts with "PVE%3A" and urldecode the cookie if 
that is the case, to avoid any interoperability issues?

Yours sincerely,

Floris Bos

More information about the pve-devel mailing list