Cookie problems / strict mode
Hi, I am using http-client 2.0.1 (1 August 2004). I noticed that lots of websites just accept the cookies to be sent in one single line (like sent by IE). This is with http-client just possible in strict mode. But now I have a webserver which redirects me to an URL which is not allowed/valid in strict mode, but at the same time it accepts just the cookies send in a single line. I saw a patch from 2003 which allowed the user to add a cookie request-header manually. This patch has been removed again from the new version? Is there now another technique for that? I don't understand why this 'sending of cookies in a single line' must be bound to the strict mode, which has apparently also other impacts. It would be very nice if you could give me some help how to solve this problem. For me it's either way if I create the cookie-header myself or it's done by the http-client or in whatever way. It just must access this site and I don't know how. Thanks for help, Robert. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Cookie problems / strict mode
Robert,
It is a known problem with HttpClient 2.0.
There are three possibilities:
(1) Use HttpClient 3.0, which provides fine-grained control over
protocol compliance leniency.
(2) Disable auto redirect and handle redirects manually
http://jakarta.apache.org/commons/httpclient/redirects.html
(3) Override HttpMethodBase#addCookieRequestHeader() method
protected void addCookieRequestHeader(
HttpState state, HttpConnection conn)
throws IOException, HttpException {
// Clean up the cookie headers
removeRequestHeader(cookie);
CookieSpec matcher =
CookiePolicy.getSpecByPolicy(state.getCookiePolicy());
Cookie[] cookies = matcher.match(conn.getHost(), conn.getPort(),
getPath(), conn.isSecure(), state.getCookies());
if ((cookies != null) (cookies.length 0)) {
getRequestHeaderGroup().addHeader(
matcher.formatCookieHeader(cookies));
}
}
Hope this helps
Oleg
On Tue, 2004-09-21 at 12:10, Robert Gold wrote:
Hi,
I am using http-client 2.0.1 (1 August 2004).
I noticed that lots of websites just accept the cookies to be sent in one
single line (like sent by IE). This is with http-client just possible in
strict mode.
But now I have a webserver which redirects me to an URL which is not
allowed/valid in strict mode, but at the same time it accepts just the
cookies send in a single line.
I saw a patch from 2003 which allowed the user to add a cookie
request-header manually. This patch has been removed again from the new
version? Is there now another technique for that? I don't understand why
this 'sending of cookies in a single line' must be bound to the strict mode,
which has apparently also other impacts.
It would be very nice if you could give me some help how to solve this
problem. For me it's either way if I create the cookie-header myself or it's
done by the http-client or in whatever way. It just must access this site
and I don't know how.
Thanks for help,
Robert.
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
***
The information in this email is confidential and may be legally privileged. Access
to this email by anyone other than the intended addressee is unauthorized. If you are
not the intended recipient of this message, any review, disclosure, copying,
distribution, retention, or any action taken or omitted to be taken in reliance on it
is prohibited and may be unlawful. If you are not the intended recipient, please
reply to or forward a copy of this message to the sender and delete the message, any
attachments, and any copies thereof from your system.
***
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
RE: Cookie problems / strict mode
Thanks for the fast reply!
1) I'm not sure about using already the alpha version.
3) This is exactly what I didn't want to do, to create my own Get-, Post-
and whatever method.
2) I'll be forced to do it like this even if I didn't want to correct the
'malformed' URL...
But thanks for the http-client anyway it's a very good thing!
Ciao,
Robert.
-Original Message-
From: Oleg Kalnichevski [mailto:@bearingpoint.com]
Sent: 21 September 2004 15:36
To: [EMAIL PROTECTED]
Subject: Re: Cookie problems / strict mode
Robert,
It is a known problem with HttpClient 2.0.
There are three possibilities:
(1) Use HttpClient 3.0, which provides fine-grained control over
protocol compliance leniency.
(2) Disable auto redirect and handle redirects manually
http://jakarta.apache.org/commons/httpclient/redirects.html
(3) Override HttpMethodBase#addCookieRequestHeader() method
protected void addCookieRequestHeader(
HttpState state, HttpConnection conn)
throws IOException, HttpException {
// Clean up the cookie headers
removeRequestHeader(cookie);
CookieSpec matcher =
CookiePolicy.getSpecByPolicy(state.getCookiePolicy());
Cookie[] cookies = matcher.match(conn.getHost(), conn.getPort(),
getPath(), conn.isSecure(), state.getCookies());
if ((cookies != null) (cookies.length 0)) {
getRequestHeaderGroup().addHeader(
matcher.formatCookieHeader(cookies));
}
}
Hope this helps
Oleg
On Tue, 2004-09-21 at 12:10, Robert Gold wrote:
Hi,
I am using http-client 2.0.1 (1 August 2004).
I noticed that lots of websites just accept the cookies to be sent in one
single line (like sent by IE). This is with http-client just possible in
strict mode.
But now I have a webserver which redirects me to an URL which is not
allowed/valid in strict mode, but at the same time it accepts just the
cookies send in a single line.
I saw a patch from 2003 which allowed the user to add a cookie
request-header manually. This patch has been removed again from the new
version? Is there now another technique for that? I don't understand why
this 'sending of cookies in a single line' must be bound to the strict
mode,
which has apparently also other impacts.
It would be very nice if you could give me some help how to solve this
problem. For me it's either way if I create the cookie-header myself or
it's
done by the http-client or in whatever way. It just must access this site
and I don't know how.
Thanks for help,
Robert.
-
To unsubscribe, e-mail:
[EMAIL PROTECTED]
For additional commands, e-mail:
[EMAIL PROTECTED]
***
The information in this email is confidential and may be legally privileged.
Access to this email by anyone other than the intended addressee is
unauthorized. If you are not the intended recipient of this message, any
review, disclosure, copying, distribution, retention, or any action taken or
omitted to be taken in reliance on it is prohibited and may be unlawful. If
you are not the intended recipient, please reply to or forward a copy of
this message to the sender and delete the message, any attachments, and any
copies thereof from your system.
***
-
To unsubscribe, e-mail:
[EMAIL PROTECTED]
For additional commands, e-mail:
[EMAIL PROTECTED]
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
