Cookie problems / strict mode
Hi, I am using http-client 2.0.1 (1 August 2004). I noticed that lots of websites just accept the cookies to be sent in one single line (like sent by IE). This is with http-client just possible in strict mode. But now I have a webserver which redirects me to an URL which is not allowed/valid in strict mode, but at the same time it accepts just the cookies send in a single line. I saw a patch from 2003 which allowed the user to add a cookie request-header manually. This patch has been removed again from the new version? Is there now another technique for that? I don't understand why this 'sending of cookies in a single line' must be bound to the strict mode, which has apparently also other impacts. It would be very nice if you could give me some help how to solve this problem. For me it's either way if I create the cookie-header myself or it's done by the http-client or in whatever way. It just must access this site and I don't know how. Thanks for help, Robert. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Cookie problems / strict mode
Robert, It is a known problem with HttpClient 2.0. There are three possibilities: (1) Use HttpClient 3.0, which provides fine-grained control over protocol compliance leniency. (2) Disable auto redirect and handle redirects manually http://jakarta.apache.org/commons/httpclient/redirects.html (3) Override HttpMethodBase#addCookieRequestHeader() method protected void addCookieRequestHeader( HttpState state, HttpConnection conn) throws IOException, HttpException { // Clean up the cookie headers removeRequestHeader(cookie); CookieSpec matcher = CookiePolicy.getSpecByPolicy(state.getCookiePolicy()); Cookie[] cookies = matcher.match(conn.getHost(), conn.getPort(), getPath(), conn.isSecure(), state.getCookies()); if ((cookies != null) (cookies.length 0)) { getRequestHeaderGroup().addHeader( matcher.formatCookieHeader(cookies)); } } Hope this helps Oleg On Tue, 2004-09-21 at 12:10, Robert Gold wrote: Hi, I am using http-client 2.0.1 (1 August 2004). I noticed that lots of websites just accept the cookies to be sent in one single line (like sent by IE). This is with http-client just possible in strict mode. But now I have a webserver which redirects me to an URL which is not allowed/valid in strict mode, but at the same time it accepts just the cookies send in a single line. I saw a patch from 2003 which allowed the user to add a cookie request-header manually. This patch has been removed again from the new version? Is there now another technique for that? I don't understand why this 'sending of cookies in a single line' must be bound to the strict mode, which has apparently also other impacts. It would be very nice if you could give me some help how to solve this problem. For me it's either way if I create the cookie-header myself or it's done by the http-client or in whatever way. It just must access this site and I don't know how. Thanks for help, Robert. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] *** The information in this email is confidential and may be legally privileged. Access to this email by anyone other than the intended addressee is unauthorized. If you are not the intended recipient of this message, any review, disclosure, copying, distribution, retention, or any action taken or omitted to be taken in reliance on it is prohibited and may be unlawful. If you are not the intended recipient, please reply to or forward a copy of this message to the sender and delete the message, any attachments, and any copies thereof from your system. *** - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Cookie problems / strict mode
Thanks for the fast reply! 1) I'm not sure about using already the alpha version. 3) This is exactly what I didn't want to do, to create my own Get-, Post- and whatever method. 2) I'll be forced to do it like this even if I didn't want to correct the 'malformed' URL... But thanks for the http-client anyway it's a very good thing! Ciao, Robert. -Original Message- From: Oleg Kalnichevski [mailto:@bearingpoint.com] Sent: 21 September 2004 15:36 To: [EMAIL PROTECTED] Subject: Re: Cookie problems / strict mode Robert, It is a known problem with HttpClient 2.0. There are three possibilities: (1) Use HttpClient 3.0, which provides fine-grained control over protocol compliance leniency. (2) Disable auto redirect and handle redirects manually http://jakarta.apache.org/commons/httpclient/redirects.html (3) Override HttpMethodBase#addCookieRequestHeader() method protected void addCookieRequestHeader( HttpState state, HttpConnection conn) throws IOException, HttpException { // Clean up the cookie headers removeRequestHeader(cookie); CookieSpec matcher = CookiePolicy.getSpecByPolicy(state.getCookiePolicy()); Cookie[] cookies = matcher.match(conn.getHost(), conn.getPort(), getPath(), conn.isSecure(), state.getCookies()); if ((cookies != null) (cookies.length 0)) { getRequestHeaderGroup().addHeader( matcher.formatCookieHeader(cookies)); } } Hope this helps Oleg On Tue, 2004-09-21 at 12:10, Robert Gold wrote: Hi, I am using http-client 2.0.1 (1 August 2004). I noticed that lots of websites just accept the cookies to be sent in one single line (like sent by IE). This is with http-client just possible in strict mode. But now I have a webserver which redirects me to an URL which is not allowed/valid in strict mode, but at the same time it accepts just the cookies send in a single line. I saw a patch from 2003 which allowed the user to add a cookie request-header manually. This patch has been removed again from the new version? Is there now another technique for that? I don't understand why this 'sending of cookies in a single line' must be bound to the strict mode, which has apparently also other impacts. It would be very nice if you could give me some help how to solve this problem. For me it's either way if I create the cookie-header myself or it's done by the http-client or in whatever way. It just must access this site and I don't know how. Thanks for help, Robert. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] *** The information in this email is confidential and may be legally privileged. Access to this email by anyone other than the intended addressee is unauthorized. If you are not the intended recipient of this message, any review, disclosure, copying, distribution, retention, or any action taken or omitted to be taken in reliance on it is prohibited and may be unlawful. If you are not the intended recipient, please reply to or forward a copy of this message to the sender and delete the message, any attachments, and any copies thereof from your system. *** - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]