Hello folks, I'm running wget v1.10 compiled from source (tested on HP-UX and Linux).
I am having problems handling session cookies. The idea is to request a web page which returns an ID number in a session cookie. All subsequent requests from the site must contain this session cookie. I'm using a command line as follows: wget --no-proxy --save-cookies cookies.txt --keep-session-cookies http://ttms:9900/testdb-bin/login -O - The headers returned from the webserver are as follows: ---request begin--- GET /testdb-bin/login HTTP/1.0 User-Agent: Wget/1.10 Accept: */* Host: ttms:9900 Connection: Keep-Alive ---request end--- HTTP request sent, awaiting response... ---response begin--- HTTP/1.1 200 OK Date: Fri, 24 Jun 2005 09:22:38 GMT Server: Apache/2.0.51 (Unix) PHP/4.3.3 Set-Cookie: SessionID=1119604958; path=/testdb-bin Connection: close Content-Type: text/html; charset=ISO-8859-1 ---response end--- However, the cookie.txt file is empty... $ cat cookie.txt # HTTP cookie file. # Generated by Wget on 2005-06-24 10:22:38. # Edit at your own risk. $ I've looked at the source code, in cookie.c I've added debug to print out the contents of full_path and prefix in the path_matches() function. The output is as follows: path_matches() full_path: /testdb-bin/login, prefix: /testdb-bin [ on function entry, i.e. before ++prefix statement ] path_matches() calling strncmp("/testdb-bin/login", "testdb-bin", 10) = -69 Note that the forward slash is stripped from "prefix", hence never matches "full_path". I'm not sure why this is done in the code. Is there a problem here? Or am I doing something wrong? The path returned in the cookie from the webserver seems valid. It's generated by the Perl CGI module cookie method and seems consistent with the CGI man page. For now, I've hacked the path_matches() function to ensure that the slash prefixes are always consistent... /* MNS hack for fixing cookie leading slashes */ if (*prefix == '/' && *full_path != '/') prefix++; if (*prefix != '/' && *full_path == '/') full_path++; /* MNS end of hack */ // ++prefix; MNS was original code If I try the same test with something like www.google.com, the cookie file gets created sucessfully - although this isn't a session cookie, of course. Cheers, Mark.
