[ python-Bugs-1570255 ] redirected cookies

SourceForge.net noreply at sourceforge.net
Tue Nov 7 04:59:58 CET 2006 

Bugs item #1570255, was opened at 2006-10-04 09:37
Message generated for change (Comment added) made by hans_moleman
You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=105470&aid=1570255&group_id=5470

Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: None
Group: None
Status: Open
Resolution: None
Priority: 5
Private: No
Submitted By: hans_moleman (hans_moleman)
Assigned to: Nobody/Anonymous (nobody)
Summary: redirected cookies

Initial Comment:
Cookies are not resend when a redirect is requested.

Blurb:
I've been trying to get a response off a server using
Python.
The response so far differs from the response using
Firefox.
In Python, I have set headers and cookies the way
Firefox does it.

I noticed that the server accepts the POST request, and
redirects the client to another address with the result
on it. This happens both with Python and Firefox correctly.

Cookie handling differs though:
The Python client, when redirected, using the standard
redirect handler, does not resend its cookies to the
redirected address.
Firefox does resend the cookies from the original request.

When I redefine the redirect handler and code it so
that it adds the cookies from the original request,
the response is the same as Firefox's response. This
confirms then that resending cookies is required to get
the server to respond correctly.

Is the default Python redirection cookie policy
different from Firefox's policy?
Could we improve the default redirection handler to
work like Firefox?
Is it a bug?

I noticed an old open bug report 511786, that looks
very much like this problem. It suggests it is fixed.

Cheers Hans Moleman. 


----------------------------------------------------------------------

>Comment By: hans_moleman (hans_moleman)
Date: 2006-11-07 16:59

Message:
Logged In: YES 
user_id=1610873

I believe that a bit of coding is missing.

When a cookie is added in 'add_cookie_header' in
cookielib.py, it is added under the
request.unredirected_hdrs. Line 1317.
When a request is resend after a redirect request in
'redirect_request' in urllib2.py, the request.headers are
used. Line 509.

Additional coding is required that moves cookies from
'unredirected_hdrs' to 'headers' if the domain of 
the original request matches the domain of the redirected
request.

I've used http://www.w3.org/Protocols/rfc2109/rfc2109 for that.
No idea if that rfc is still current though.

 


----------------------------------------------------------------------

Comment By: hans_moleman (hans_moleman)
Date: 2006-10-30 07:53

Message:
Logged In: YES 
user_id=1610873

OK. I'll have a look at that. 
Thanks for the pointers.
 

----------------------------------------------------------------------

Comment By: A.M. Kuchling (akuchling)
Date: 2006-10-28 01:16

Message:
Logged In: YES 
user_id=11375

Given the sensitive data in your script, it's certainly best
to not post it.  You'll have to dig into urllib2 yourself, I
think.

Start by looking at the code in redirect_request(), around
line 520 of urllib2.py, and adding some debug prints.  Print
out the contents of req.headers; is the cookie line in
there?  Change the __init__ of AbstractHTTPHandler to
default debuglevel to 1, not 0; this will print out all the
HTTP lines being sent and received.


----------------------------------------------------------------------

Comment By: hans_moleman (hans_moleman)
Date: 2006-10-27 17:20

Message:
Logged In: YES 
user_id=1610873

I am using this script to obtain monthly internet usage
statistics from my ISP.
My ISP provides a screen via HTTPS, to enter a usercode and
password, after which the usage statistics are displayed on
a different address. 
I cannot send this script with my usercode and password. My
ISP might not like me doing this either.

Therefore I'll try to find another server that behaves
similarly, and send you that.



----------------------------------------------------------------------

Comment By: A.M. Kuchling (akuchling)
Date: 2006-10-27 09:16

Message:
Logged In: YES 
user_id=11375

More detail is needed to figure out if there's a problem;
can you give a sample URL to exhibit the problem?  can you
provide your code?  From the description, it's unclear if
this might be a bug in the handling of redirects or in the
CookieProcessor class.

The bug in 511786 is still fixed; that bug includes sample
code, so I could check it.


----------------------------------------------------------------------

You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=105470&aid=1570255&group_id=5470

More information about the Python-bugs-list mailing list