Index: openacs-4/packages/acs-lang/tcl/lang-util-procs.tcl =================================================================== RCS file: /usr/local/cvsroot/openacs-4/packages/acs-lang/tcl/lang-util-procs.tcl,v diff -u -N -r1.46 -r1.47 --- openacs-4/packages/acs-lang/tcl/lang-util-procs.tcl 8 Jan 2010 17:39:58 -0000 1.46 +++ openacs-4/packages/acs-lang/tcl/lang-util-procs.tcl 8 Apr 2013 15:50:25 -0000 1.47 @@ -367,7 +367,9 @@ @return IANA MIME character set name } { # DRB: cache this now that ad_conn tracks it - return [db_string -cache_key ad_lang_mime_charset_$locale charset_for_locale {}] + set key ::lang::util::charset_for_locale($locale) + if {[info exists $key]} {return [set $key]} + set $key [db_string -cache_key ad_lang_mime_charset_$locale charset_for_locale {}] } ad_proc -private lang::util::default_locale_from_lang_not_cached { Index: openacs-4/packages/acs-lang/tcl/locale-procs.tcl =================================================================== RCS file: /usr/local/cvsroot/openacs-4/packages/acs-lang/tcl/locale-procs.tcl,v diff -u -N -r1.37 -r1.38 --- openacs-4/packages/acs-lang/tcl/locale-procs.tcl 8 Jan 2010 17:39:58 -0000 1.37 +++ openacs-4/packages/acs-lang/tcl/locale-procs.tcl 8 Apr 2013 15:50:25 -0000 1.38 @@ -640,17 +640,20 @@ {-package_id ""} {-site_wide:boolean} {-iso6392:boolean} + {-locale ""} } { Get the language for this request, perhaps for a given package instance. @param package_id The package for which you want to get the language. @param site_wide Set this if you want to get the site-wide language. @param iso6392 Set this if you want to force the iso-639-2 code + @param locale obtain language from provided locale @return 3 chars language code if iso6392 is set, left part of locale otherwise } { - - set locale [locale -package_id $package_id -site_wide=$site_wide_p] + if {$locale eq ""} { + set locale [locale -package_id $package_id -site_wide=$site_wide_p] + } set conn_lang [lindex [split $locale "_"] 0] if { $iso6392_p } { Index: openacs-4/packages/acs-tcl/tcl/apm-procs.tcl =================================================================== RCS file: /usr/local/cvsroot/openacs-4/packages/acs-tcl/tcl/apm-procs.tcl,v diff -u -N -r1.93 -r1.94 --- openacs-4/packages/acs-tcl/tcl/apm-procs.tcl 4 Apr 2013 08:32:11 -0000 1.93 +++ openacs-4/packages/acs-tcl/tcl/apm-procs.tcl 8 Apr 2013 15:50:25 -0000 1.94 @@ -1162,14 +1162,17 @@ db_1row select_version_info {} -column_array row } +namespace eval ::acs {} # # package_id -> package_key # ad_proc -public apm_package_key_from_id {package_id} { @return The package key of the instance. } { - return [util_memoize "apm_package_key_from_id_mem $package_id"] + set key ::acs::apm_package_key_from_id($package_id) + if {[info exists $key]} {return [set $key]} + set $key [apm_package_key_from_id_mem $package_id] } ad_proc -private apm_package_key_from_id_mem {package_id} { Index: openacs-4/packages/acs-tcl/tcl/defs-procs.tcl =================================================================== RCS file: /usr/local/cvsroot/openacs-4/packages/acs-tcl/tcl/defs-procs.tcl,v diff -u -N -r1.61 -r1.62 --- openacs-4/packages/acs-tcl/tcl/defs-procs.tcl 8 Dec 2012 17:42:32 -0000 1.61 +++ openacs-4/packages/acs-tcl/tcl/defs-procs.tcl 8 Apr 2013 15:50:25 -0000 1.62 @@ -665,18 +665,15 @@ @param name The name of the parameter. @return The parameter of the object or if it doesn't exist, the default. } { - set ns_param "" # The below is really a hack because none of the calls to ad_parameter in the system # actually call 'ad_parameter param_name acs-kernel'. if { $package_key eq "" || $package_key eq "acs-kernel"} { - set ns_param [ns_config "ns/server/[ns_info server]/acs" $name] - } else { - set ns_param [ns_config "ns/server/[ns_info server]/acs/$package_key" $name] + return [ns_config "ns/server/[ns_info server]/acs" $name] } - return $ns_param + return [ns_config "ns/server/[ns_info server]/acs/$package_key" $name] } @@ -688,7 +685,7 @@ parameter_name } { - Manages the cache for ad_paremeter. + Manages the cache for ad_parameter. @param -set Use this flag to indicate a value to set in the cache. @param -delete Delete the value from the cache @param -global If true, global param, false, instance param Index: openacs-4/packages/acs-tcl/tcl/parameter-procs.tcl =================================================================== RCS file: /usr/local/cvsroot/openacs-4/packages/acs-tcl/tcl/parameter-procs.tcl,v diff -u -N -r1.18 -r1.19 --- openacs-4/packages/acs-tcl/tcl/parameter-procs.tcl 25 Mar 2010 01:02:16 -0000 1.18 +++ openacs-4/packages/acs-tcl/tcl/parameter-procs.tcl 8 Apr 2013 15:50:25 -0000 1.19 @@ -150,31 +150,31 @@ if {$package_id eq ""} { set package_id [ad_requested_object_id] } - - set package_key "" set value "" + + # 1. If there is not package_id provided, check whether there is a + # parameter by this name in the parameter file? Actually, + # ad_parameter_from_file is a misnomer, since the it checks ns_config + # values if {$package_id ne ""} { + set package_key "" # This can fail at server startup--OpenACS calls parameter::get to # get the size of the util_memoize cache so it can setup the cache. # apm_package_key_from_id needs that cache, but on server start # when the toolkit tries to get the parameter for the cache size # the cache doesn't exist yet, so apm_package_key_from_id fails - catch { + if {![catch { set package_key [apm_package_key_from_id $package_id] - } + }]} { + set value [ad_parameter_from_file $parameter $package_key] + } } - # If I convert the package_id to a package_key, is there a parameter by this - # name in the parameter file? If so, it takes precedence. - # 1. use the parameter file - if {$package_key ne ""} { - set value [ad_parameter_from_file $parameter $package_key] - } - # 2. check the parameter cache if {$value eq ""} { set value [ad_parameter_cache $package_id $parameter] } + # 3. use the default value if {$value eq ""} { set value $default @@ -185,9 +185,6 @@ set value [lang::util::localize $value] } - # Trimming the value as people may have accidentally put in trailing spaces - set value [string trim $value] - # Special parsing for boolean parameters, true and false can be written # in many different ways if { $boolean_p } { Index: openacs-4/packages/acs-tcl/tcl/request-processor-init.tcl =================================================================== RCS file: /usr/local/cvsroot/openacs-4/packages/acs-tcl/tcl/request-processor-init.tcl,v diff -u -N -r1.14 -r1.15 --- openacs-4/packages/acs-tcl/tcl/request-processor-init.tcl 12 Feb 2009 15:38:41 -0000 1.14 +++ openacs-4/packages/acs-tcl/tcl/request-processor-init.tcl 8 Apr 2013 15:50:25 -0000 1.15 @@ -24,6 +24,41 @@ } } +if { [parameter::get -package_id [ad_acs_kernel_id] -parameter DebugP -default 0] || + [parameter::get -package_id [ad_acs_kernel_id] -parameter LogDebugP -default 0] + } { + + ad_proc -private rp_debug { { -debug f } { -ns_log_level notice } string } { + + Logs a debugging message, including a high-resolution (millisecond) + timestamp. + + } { + if { [parameter::get -package_id [ad_acs_kernel_id] -parameter DebugP -default 0] } { + set clicks [clock clicks -milliseconds] + ds_add rp [list debug $string $clicks $clicks] + } + if { [parameter::get -package_id [ad_acs_kernel_id] -parameter LogDebugP -default 0] + || $debug eq "t" + || $debug eq "1" + } { + if { [info exists ::ad_conn(start_clicks)] } { + set timing " ([expr {([clock clicks -milliseconds] - $::ad_conn(start_clicks))}] ms)" + } else { + set timing "" + } + ns_log $ns_log_level "RP$timing: $string" + } + } +} else { + ad_proc -private rp_debug { { -debug f } { -ns_log_level notice } string } { + dummy placeholder + } { + return + } +} + + # JCD this belongs in acs-permission-init.tcl but I did not want to duplicate [ad_acs_kernel_id] # Nuke the existing definition. and create one with the parameter set Index: openacs-4/packages/acs-tcl/tcl/request-processor-procs.tcl =================================================================== RCS file: /usr/local/cvsroot/openacs-4/packages/acs-tcl/tcl/request-processor-procs.tcl,v diff -u -N -r1.111 -r1.112 --- openacs-4/packages/acs-tcl/tcl/request-processor-procs.tcl 29 Mar 2013 14:41:30 -0000 1.111 +++ openacs-4/packages/acs-tcl/tcl/request-processor-procs.tcl 8 Apr 2013 15:50:25 -0000 1.112 @@ -525,7 +525,15 @@ ##### ad_conn -reset - ad_conn -set request [nsv_incr rp_properties request_count] + if {[ns_info name] eq "NaviServer"} { + # ns_conn id the internal counter by aolserver 4.5 and + # NaviServer. The semantics of the counter were different in + # Aolserver 4.0, when we require at least AolServer 4.5 the + # server test could go away. + ad_conn -set request [ns_conn id] + } else { + ad_conn -set request [nsv_incr rp_properties request_count] + } ad_conn -set user_id 0 ad_conn -set start_clicks [clock clicks -milliseconds] @@ -536,29 +544,31 @@ # ------------------------------------------------------------------------- # 1. determine the root of the host and the requested URL set root [root_of_host [ad_host]] - set url [ad_conn url] + set ad_conn_url [ad_conn url] + # 2. handle special case: if the root is a prefix of the URL, # remove this prefix from the URL, and redirect. if { $root ne "" } { - if { [regexp "^${root}(.*)$" $url match url] } { + if { [regexp "^${root}(.*)$" $ad_conn_url match url] } { if { [regexp {^GET [^\?]*\?(.*) HTTP} [ns_conn request] match vars] } { append url ?$vars } if { [security::secure_conn_p] } { # it's a secure connection. ad_returnredirect \ - -allow_complete_url https://[ad_host][ad_port]$url + -allow_complete_url https://[ad_host][ad_port]$ad_conn_url return "filter_return" } else { ad_returnredirect \ - -allow_complete_url http://[ad_host][ad_port]$url + -allow_complete_url http://[ad_host][ad_port]$ad_conn_url return "filter_return" } } # Normal case: Prepend the root to the URL. # 3. set the intended URL - ad_conn -set url ${root}${url} + ad_conn -set url ${root}${ad_conn_url} + set ad_conn_url [ad_conn url] # 4. set urlv and urlc for consistency set urlv [lrange [split $root /] 1 end] @@ -587,12 +597,10 @@ ns_returnredirect "http://www.yahoo.com" return "filter_return" } - ## BLOCK NASTY YAHOO FINISH - set acs_kernel_id [util_memoize ad_acs_kernel_id] if { $root eq "" - && [parameter::get -package_id $acs_kernel_id -parameter ForceHostP -default 0] } { + && [parameter::get -package_id [ad_acs_kernel_id] -parameter ForceHostP -default 0] } { set host_header [ns_set iget [ns_conn headers] "Host"] regexp {^([^:]*)} $host_header "" host_no_port regexp {^https?://([^:]+)} [ns_conn location] "" desired_host_no_port @@ -616,14 +624,14 @@ ad_conn -set urlc [expr {[ad_conn urlc] - 1}] ad_conn -set urlv [lrange [ad_conn urlv] 0 [expr {[llength [ad_conn urlv]] - 2}] ] } - rp_debug -ns_log_level debug -debug t "rp_filter: setting up request: [ns_conn method] [ns_conn url] [ns_conn query]" - if { [catch { array set node [site_node::get -url [ad_conn url]] } errmsg] } { + if { [catch { array set node [site_node::get -url $ad_conn_url] } errmsg] } { # log and do nothing rp_debug "error within rp_filter [ns_conn method] [ns_conn url] [ns_conn query]. $errmsg" } else { - if {$node(url) eq "[ad_conn url]/"} { + + if {$node(url) eq "$ad_conn_url/"} { ad_returnredirect $node(url) rp_debug "rp_filter: returnredirect $node(url)" rp_debug "rp_filter: return filter_return" @@ -639,7 +647,7 @@ ad_conn -set package_key $node(package_key) ad_conn -set package_url $node(url) ad_conn -set instance_name $node(instance_name) - ad_conn -set extra_url [string range [ad_conn url] [string length $node(url)] end] + ad_conn -set extra_url [string range $ad_conn_url [string length $node(url)] end] } ##### @@ -653,11 +661,9 @@ # We wrap this in a catch, because we don't want an error here to # cause the request to fail. if { [catch { apm_load_any_changed_libraries } error] } { - global errorInfo - ns_log Error "rp_filter: error apm_load_any_changed_libraries: $errorInfo" + ns_log Error "rp_filter: error apm_load_any_changed_libraries: $::errorInfo" } } - ##### # # Read in and/or generate security cookies. @@ -674,9 +680,10 @@ # Set locale and language of the request. We need ad_conn user_id to be set at this point if { [catch { - ad_conn -set locale [lang::conn::locale] - ad_conn -set language [lang::conn::language] - ad_conn -set charset [lang::util::charset_for_locale [ad_conn locale]] + set locale [lang::conn::locale -package_id [ad_conn package_id]] + ad_conn -set locale $locale + ad_conn -set language [lang::conn::language -locale $locale] + ad_conn -set charset [lang::util::charset_for_locale $locale] }] } { # acs-lang doesn't seem to be installed. Even though it must be installed now, # the problem is that if it isn't, everything breaks. So we wrap it in @@ -689,9 +696,9 @@ } if {[ns_info name] eq "NaviServer"} { - # provide context information for background writer - set requestor [expr {$::ad_conn(user_id) == 0 ? [ad_conn peeraddr] : $::ad_conn(user_id)}] - catch {ns_conn clientdata [list $requestor [ns_conn url]]} + # provide context information for background writer + set requestor [expr {$::ad_conn(user_id) == 0 ? [ad_conn peeraddr] : $::ad_conn(user_id)}] + catch {ns_conn clientdata [list $requestor [ns_conn url]]} } # Who's online @@ -702,7 +709,6 @@ # Make sure the user is authorized to make this request. # ##### - if { [ad_conn object_id] ne "" } { ad_try { switch -glob -- [ad_conn extra_url] { @@ -720,40 +726,16 @@ } } } ad_script_abort val { - rp_finish_serving_page - rp_debug "rp_filter: return filter_return" - return "filter_return" + rp_finish_serving_page + rp_debug "rp_filter: return filter_return" + return "filter_return" } } + rp_debug "rp_filter: return filter_ok" return "filter_ok" } -ad_proc -private rp_debug { { -debug f } { -ns_log_level notice } string } { - - Logs a debugging message, including a high-resolution (millisecond) - timestamp. - -} { - if { [parameter::get -package_id [ad_acs_kernel_id] -parameter DebugP -default 0] } { - global ad_conn - set clicks [clock clicks -milliseconds] - ds_add rp [list debug $string $clicks $clicks] - } - if { [parameter::get -package_id [ad_acs_kernel_id] -parameter LogDebugP -default 0] - || $debug eq "t" - || $debug eq "1" - } { - global ad_conn - if { [info exists ad_conn(start_clicks)] } { - set timing " ([expr {([clock clicks -milliseconds] - $ad_conn(start_clicks))}] ms)" - } else { - set timing "" - } - ns_log $ns_log_level "RP$timing: $string" - } -} - ad_proc rp_report_error { -message } { @@ -1515,11 +1497,19 @@ } } +namespace eval ::acs {} + ad_proc root_of_host {host} { Maps a hostname to the corresponding sub-directory. } { + set key ::acs::root_of_host($host) + if {[info exists $key]} {return [set $key]} + set $key [root_of_host1 $key] +} + +proc root_of_host1 {host} { # The main hostname is mounted at /. - if { [string equal $host [ns_config ns/server/[ns_info server]/module/nssock Hostname]] } { + if { $host eq [ns_config ns/server/[ns_info server]/module/nssock Hostname] } { return "" } # Other hostnames map to subsites. @@ -1557,6 +1547,7 @@ } + if {[ns_info name] eq "NaviServer"} { # this is written for NaviServer 4.99.1 or newer foreach filter {rp_filter rp_resources_filter request_denied_filter} { @@ -1576,3 +1567,4 @@ rename rp_invoke_proc $cmd proc rp_invoke_proc { argv } "$cmd _ \$argv" } + Index: openacs-4/packages/acs-tcl/tcl/security-procs.tcl =================================================================== RCS file: /usr/local/cvsroot/openacs-4/packages/acs-tcl/tcl/security-procs.tcl,v diff -u -N -r1.73 -r1.74 --- openacs-4/packages/acs-tcl/tcl/security-procs.tcl 29 Mar 2013 16:30:56 -0000 1.73 +++ openacs-4/packages/acs-tcl/tcl/security-procs.tcl 8 Apr 2013 15:50:25 -0000 1.74 @@ -98,19 +98,19 @@ # The session cookie already exists and is valid. set cookie_data [split [lindex $cookie_list 0] {,}] set session_last_renew_time [lindex $cookie_data 3] - if {![string is integer -strict $session_last_renew_time]} { - # This only happens if the session cookie is old style - # previous to openacs 5.7 and does not have session review time - # embedded. - # Assume cookie expired and force login handler - set session_last_renew_time 0 - } - - set session_expr [expr {$session_last_renew_time + [sec_session_timeout]}] - - if {$session_expr < [ns_time]} { - sec_login_handler - } + if {![string is integer -strict $session_last_renew_time]} { + # This only happens if the session cookie is old style + # previous to openacs 5.7 and does not have session review time + # embedded. + # Assume cookie expired and force login handler + set session_last_renew_time 0 + } + + set session_expr [expr {$session_last_renew_time + [sec_session_timeout]}] + if {$session_expr < [ns_time]} { + sec_login_handler + } + lassign $cookie_data session_id untrusted_user_id login_level set user_id 0 set account_status closed @@ -902,6 +902,7 @@ return 0 } set secret_token [sec_get_token $token_id] + } else { set secret_token $secret } @@ -910,7 +911,6 @@ ns_log Debug "__ad_verify_signature: Expire_Time is $expire_time (compare to [ns_time]), hash is $hash" # validate cookie: verify hash and expire_time - set computed_hash [ns_sha1 "$value$token_id$expire_time$secret_token"] # Need to verify both hash and expiration @@ -962,18 +962,13 @@ } { - if { $include_set_cookies eq "t" } { - set cookie_value [ns_urldecode [ad_get_cookie $name]] - } else { - set cookie_value [ns_urldecode [ad_get_cookie -include_set_cookies f $name]] - } + set cookie_value [ns_urldecode [ad_get_cookie -include_set_cookies $include_set_cookies $name]] if { $cookie_value eq "" } { error "Cookie does not exist." } lassign $cookie_value value signature - ns_log Debug "ad_get_signed_cookie: Got signed cookie $name with value $value, signature $signature." if { [ad_verify_signature $value $signature] } { @@ -999,11 +994,7 @@ } { - if { $include_set_cookies eq "t" } { - set cookie_value [ns_urldecode [ad_get_cookie $name]] - } else { - set cookie_value [ns_urldecode [ad_get_cookie -include_set_cookies f $name]] - } + set cookie_value [ns_urldecode [ad_get_cookie -include_set_cookies $include_set_cookies $name]] if { $cookie_value eq "" } { error "Cookie does not exist." @@ -1104,42 +1095,67 @@ } { - if { [info exists ::security::tcl_secret_tokens($token_id)] } { - return $::security::tcl_secret_tokens($token_id) - } else { - set token [ns_cache eval secret_tokens $token_id { - set token [db_string get_token {select token from secret_tokens - where token_id = :token_id} -default 0] - db_release_unused_handles + set key ::security::tcl_secret_tokens($token_id) + if { [info exists $key] } { return [set $key] } - # Very important to throw the error here if $token == 0 - - if { $token == 0 } { - error "Invalid token ID" - } - - return $token - }] - - set ::security::tcl_secret_tokens($token_id) $token - return $token + if {[array size ::security::tcl_secret_tokens] == 0} { + populate_secret_tokens_thread_cache + if { [info exists $key] } { return [set $key] } } + + # + # We might get token_ids from previous runs, so we have fetch these + # in case of a validation + # + set token [ns_cache eval secret_tokens $token_id { + set token [db_string get_token {select token from secret_tokens + where token_id = :token_id} -default 0] + db_release_unused_handles + + # Very important to throw the error here if $token == 0 + + if { $token == 0 } { + error "Invalid token ID" + } + + return $token + }] + set $key $token + return $token } ad_proc -private sec_get_random_cached_token_id {} { - Randomly returns a token_id from the ns_cache. + Randomly returns a token_id from the token cache } { - - set list_of_names [ns_cache names secret_tokens] - set random_seed [ns_rand [llength $list_of_names]] + #set list_of_names [ns_cache names secret_tokens] + set list_of_names [array names ::security::tcl_secret_tokens] + if {[llength $list_of_names] == 0} { + populate_secret_tokens_thread_cache + set list_of_names [array names ::security::tcl_secret_tokens] + } + set random_seed [ns_rand [llength $list_of_names]] return [lindex $list_of_names $random_seed] - } +ad_proc -private populate_secret_tokens_thread_cache {} { + + Copy secret_tokens cache to per-thread variables + +} { + set ids [ns_cache names secret_tokens] + if {[llength $ids] == 0} { + populate_secret_tokens_cache + set ids [ns_cache names secret_tokens] + } + foreach name $ids { + set ::security::tcl_secret_tokens($name) [ns_cache get secret_tokens $name] + } +} + ad_proc -private populate_secret_tokens_cache {} { Randomly populates the secret_tokens cache. @@ -1437,13 +1453,13 @@ @author Peter Marklund } { - return [expr ![empty_string_p [get_https_port]]] + return [expr {[get_https_port] ne ""}] } ad_proc -public security::secure_conn_p {} { Returns true if the connection [ad_conn] is secure (HTTPS), or false otherwise. } { - return [string match "https:*" [util_current_location]] + return [string match "https:*" [ns_conn location]] } ad_proc -public security::RestrictLoginToSSLP {} { Index: openacs-4/packages/acs-tcl/tcl/utilities-procs.tcl =================================================================== RCS file: /usr/local/cvsroot/openacs-4/packages/acs-tcl/tcl/utilities-procs.tcl,v diff -u -N -r1.131 -r1.132 --- openacs-4/packages/acs-tcl/tcl/utilities-procs.tcl 29 Mar 2013 16:32:45 -0000 1.131 +++ openacs-4/packages/acs-tcl/tcl/utilities-procs.tcl 8 Apr 2013 15:50:25 -0000 1.132 @@ -191,7 +191,7 @@ ad_proc -public get_referrer {} { gets the Referer for the headers } { - return [ns_set get [ad_conn headers] Referer] + return [ns_set get [ns_conn headers] Referer] } ## @@ -1930,22 +1930,26 @@ ad_proc -public ad_get_cookie { { -include_set_cookies t } - name { default "" } + name + { default "" } } { Returns the value of a cookie, or $default if none exists. } { + if { $include_set_cookies eq "t" } { - set headers [ad_conn outputheaders] - for { set i 0 } { $i < [ns_set size $headers] } { incr i } { + set headers [ns_conn outputheaders] + set nr_headers [ns_set size $headers] + for { set i 0 } { $i < $nr_headers } { incr i } { if { [string tolower [ns_set key $headers $i]] eq "set-cookie" && \ [regexp "^$name=(\[^;\]*)" [ns_set value $headers $i] match value] } { return $value } } } - set headers [ad_conn headers] + set headers [ns_conn headers] set cookie [ns_set iget $headers Cookie] + if { [regexp " $name=(\[^;\]*)" " $cookie" match value] } { # If the cookie was set to a blank value we actually stored two quotes. We need @@ -2322,9 +2326,10 @@ #Meta Refresh page instead of a redirect. # jbank@arsdigita.com 6/7/2000 set use_metarefresh_p 0 - set type [ns_set iget [ad_conn headers] content-type] + set headers [ns_conn headers] + set type [ns_set iget $headers content-type] if { [string match *multipart/form-data* [string tolower $type]] } { - set user_agent [ns_set get [ad_conn headers] User-Agent] + set user_agent [ns_set iget $headers User-Agent] set use_metarefresh_p [string match -nocase "*msie 5.0*" $user_agent] } if {[string match "https://*" [ad_conn location]] && [string match "http://*" $url]} { @@ -2484,7 +2489,7 @@ set port $driver(port) # This is the host from the browser's HTTP request - set Host [ns_set iget [ad_conn headers] Host] + set Host [ns_set iget [ns_conn headers] Host] set Hostv [split $Host ":"] set Host_hostname [lindex $Hostv 0] set Host_port [lindex $Hostv 1]