473,320 Members | 1,694 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,320 software developers and data experts.

Problems returning/attaching cookies

Attacked is a piece of code which first hits the login page
successfully and receives back login cookies. But then when I attempt
to hit a page which is restricted to logged in users only, I fail.

That seems to be because I am not successfully re-attaching the cookies
to the header portion of the this request. I have tried 2 methods
which should both work I think. The first was to use install_opener to
attach the cookie handler back to urlopen. The second method was to
use the cookiehandler method add_cookie_header. But in both cases,
before sending out the 2nd request, it seems to have empty headers --
which indicates to me that the necessary cookies have not been
attacked.

I also tryed messing with the policy quite a bit, thinking that might
be causing the cookies not to be returned. First I used the default,
then set some flags on the default, then even overrode methods on the
default to make it as lenient as possible. This had no apparent
effect.

Thanks a lot!

Below I have pasted the most relevant code section, as well as my full
code file. Apologies for all the comments, but I wanted to show what I
had tried.
-----------------
RELEVANT CODE (snipped from full code)

# NOW GO TO PAGE RESTRICTED TO LOGGED IN PEOPLE
the_url =
"http://www.dpreview.com/forums/login.asp?jump=editprofile.asp"
req = urllib2.Request(the_url)
#print "headers:", req.headers
#cj.add_cookie_header(req)

# EXPECT THESE HEADERS TO BE NON-EMPTY - BUT THEY ARE EMPTY,
# NO COOKIES RETURNED?
print "headers:", req.headers

# THIS OPEN FAILS - I GET - "NEED TO LOGIN" PAGE
#handle = opener.open(req)
handle = urllib2.urlopen(req)
the_page = handle.read()

-----------------
FULL CODE

#!/usr/bin/python

import urllib
import urllib2
import re
import os
from cookielib import *

class MyCookiePolicy(DefaultCookiePolicy):
def __init__(self):
DefaultCookiePolicy.__init__(self, rfc2965=True,
hide_cookie2=False, strict_ns_domain=DefaultCookiePolicy.DomainLiberal )
def set_ok(self, cookie, request):
return True
def return_ok(self, cookie, request):
return True
def domain_return_ok(self, cookie, request):
return True
def path_return_ok(self, cookie, request):
return True

the_url = 'http://www.dpreview.com/forums/login_post.asp'
user_agent = 'Mozilla/4.0 (compatible; MSIE 5.5; Windows NT)'
values = {
'email' : '****',
'password' : '****',
#"remember" : "checked", # <- create permanent cookie
'jump' : "/forums/"
}
# also "remember" : "remember"

# INITIAL REQUEST WITH USER INFO
headers = { 'User-Agent' : user_agent }
data = urllib.urlencode(values)
req = urllib2.Request(the_url, data, headers)

# COOKIE POLICY
# tried using several configurations of the default cookie policy
#policy = DefaultCookiePolicy(rfc2965=True, hide_cookie2=False,
strict_ns_domain=DefaultCookiePolicy.DomainLiberal )
# tried using my own custom cookie policy
#policy = MyCookiePolicy()
policy = DefaultCookiePolicy(rfc2965=True, hide_cookie2=False)

# CREATE COOKIE JAR WITH POLICY
cj = MozillaCookieJar()
cj.set_policy(policy)

# CREATE OPENER, AND OPEN PAGE
opener = urllib2.build_opener(urllib2.HTTPCookieProcessor(c j))
urllib2.install_opener(opener)
#handle = opener.open(req)
handle = urllib2.urlopen(req)
the_page = handle.read()

# SHOW COOKIES COLLECTED - LOOKS GOOD HERE
for c in cj:
print "COOKIE:", c
print "URL:", handle.geturl()
print "INFO:", handle.info()

#DEMONSTRATE WE'RE LOGGED IN
for line in the_page.split('\n'):
line = line.strip()
if re.search("Welcome to the", line):
print "MESSAGE:", line

# NOW GO TO PAGE RESTRICTED TO LOGGED IN PEOPLE
# - tried using the install_opener above
# - tried using add_cookie_header
# - either way, can't seem to get cookies in the header of this request
the_url =
"http://www.dpreview.com/forums/login.asp?jump=editprofile.asp"
req = urllib2.Request(the_url)
#print "headers:", req.headers
#cj.add_cookie_header(req)

# EXPECT THESE HEADERS TO BE NON-EMPTY
print "headers:", req.headers
#handle = opener.open(req)
handle = urllib2.urlopen(req)
the_page = handle.read()

# THIS ALSO PROVES LOGIN-STATE WAS LOST
for line in the_page.split('\n'):
line = line.strip()
if re.search("To access", line):
print "MESSAGE:", line

print "URL:", handle.geturl()
print "INFO:", handle.info()

Nov 22 '05 #1
2 2204
NEVERMIND. My friend pointed out that I am simply hitting the wrong
URL when trying to "test" whether I am logged in or not. The correct
one is: http://www.dpreview.com/forums/editprofile.asp

But I still have one question, if anyone knows -- why is it that when I
print out the headers on my request object, they are empty? I thought
that I should find the cookies there which are being sent back. This
is what I thought the problem was. Thanks if anyone can explain how
that works.

John

(PS i have stopped attacking the cookies now)
jo**********@gmail.com wrote:
Attacked is a piece of code which first hits the login page
successfully and receives back login cookies. But then when I attempt
to hit a page which is restricted to logged in users only, I fail.

That seems to be because I am not successfully re-attaching the cookies
to the header portion of the this request. I have tried 2 methods
which should both work I think. The first was to use install_opener to
attach the cookie handler back to urlopen. The second method was to
use the cookiehandler method add_cookie_header. But in both cases,
before sending out the 2nd request, it seems to have empty headers --
which indicates to me that the necessary cookies have not been
attacked.

I also tryed messing with the policy quite a bit, thinking that might
be causing the cookies not to be returned. First I used the default,
then set some flags on the default, then even overrode methods on the
default to make it as lenient as possible. This had no apparent
effect.

Thanks a lot!

Below I have pasted the most relevant code section, as well as my full
code file. Apologies for all the comments, but I wanted to show what I
had tried.
-----------------
RELEVANT CODE (snipped from full code)

# NOW GO TO PAGE RESTRICTED TO LOGGED IN PEOPLE
the_url =
"http://www.dpreview.com/forums/login.asp?jump=editprofile.asp"
req = urllib2.Request(the_url)
#print "headers:", req.headers
#cj.add_cookie_header(req)

# EXPECT THESE HEADERS TO BE NON-EMPTY - BUT THEY ARE EMPTY,
# NO COOKIES RETURNED?
print "headers:", req.headers

# THIS OPEN FAILS - I GET - "NEED TO LOGIN" PAGE
#handle = opener.open(req)
handle = urllib2.urlopen(req)
the_page = handle.read()

-----------------
FULL CODE

#!/usr/bin/python

import urllib
import urllib2
import re
import os
from cookielib import *

class MyCookiePolicy(DefaultCookiePolicy):
def __init__(self):
DefaultCookiePolicy.__init__(self, rfc2965=True,
hide_cookie2=False, strict_ns_domain=DefaultCookiePolicy.DomainLiberal )
def set_ok(self, cookie, request):
return True
def return_ok(self, cookie, request):
return True
def domain_return_ok(self, cookie, request):
return True
def path_return_ok(self, cookie, request):
return True

the_url = 'http://www.dpreview.com/forums/login_post.asp'
user_agent = 'Mozilla/4.0 (compatible; MSIE 5.5; Windows NT)'
values = {
'email' : '****',
'password' : '****',
#"remember" : "checked", # <- create permanent cookie
'jump' : "/forums/"
}
# also "remember" : "remember"

# INITIAL REQUEST WITH USER INFO
headers = { 'User-Agent' : user_agent }
data = urllib.urlencode(values)
req = urllib2.Request(the_url, data, headers)

# COOKIE POLICY
# tried using several configurations of the default cookie policy
#policy = DefaultCookiePolicy(rfc2965=True, hide_cookie2=False,
strict_ns_domain=DefaultCookiePolicy.DomainLiberal )
# tried using my own custom cookie policy
#policy = MyCookiePolicy()
policy = DefaultCookiePolicy(rfc2965=True, hide_cookie2=False)

# CREATE COOKIE JAR WITH POLICY
cj = MozillaCookieJar()
cj.set_policy(policy)

# CREATE OPENER, AND OPEN PAGE
opener = urllib2.build_opener(urllib2.HTTPCookieProcessor(c j))
urllib2.install_opener(opener)
#handle = opener.open(req)
handle = urllib2.urlopen(req)
the_page = handle.read()

# SHOW COOKIES COLLECTED - LOOKS GOOD HERE
for c in cj:
print "COOKIE:", c
print "URL:", handle.geturl()
print "INFO:", handle.info()

#DEMONSTRATE WE'RE LOGGED IN
for line in the_page.split('\n'):
line = line.strip()
if re.search("Welcome to the", line):
print "MESSAGE:", line

# NOW GO TO PAGE RESTRICTED TO LOGGED IN PEOPLE
# - tried using the install_opener above
# - tried using add_cookie_header
# - either way, can't seem to get cookies in the header of this request
the_url =
"http://www.dpreview.com/forums/login.asp?jump=editprofile.asp"
req = urllib2.Request(the_url)
#print "headers:", req.headers
#cj.add_cookie_header(req)

# EXPECT THESE HEADERS TO BE NON-EMPTY
print "headers:", req.headers
#handle = opener.open(req)
handle = urllib2.urlopen(req)
the_page = handle.read()

# THIS ALSO PROVES LOGIN-STATE WAS LOST
for line in the_page.split('\n'):
line = line.strip()
if re.search("To access", line):
print "MESSAGE:", line

print "URL:", handle.geturl()
print "INFO:", handle.info()


Nov 22 '05 #2
NEVERMIND. My friend pointed out that I am simply hitting the wrong
URL when trying to "test" whether I am logged in or not. The correct
one is: http://www.dpreview.com/forums/editprofile.asp

But I still have one question, if anyone knows -- why is it that when I
print out the headers on my request object, they are empty? I thought
that I should find the cookies there which are being sent back. This
is what I thought the problem was. Thanks if anyone can explain how
that works.

John

(PS i have stopped attacking the cookies now)
jo**********@gmail.com wrote:
Attacked is a piece of code which first hits the login page
successfully and receives back login cookies. But then when I attempt
to hit a page which is restricted to logged in users only, I fail.

That seems to be because I am not successfully re-attaching the cookies
to the header portion of the this request. I have tried 2 methods
which should both work I think. The first was to use install_opener to
attach the cookie handler back to urlopen. The second method was to
use the cookiehandler method add_cookie_header. But in both cases,
before sending out the 2nd request, it seems to have empty headers --
which indicates to me that the necessary cookies have not been
attacked.

I also tryed messing with the policy quite a bit, thinking that might
be causing the cookies not to be returned. First I used the default,
then set some flags on the default, then even overrode methods on the
default to make it as lenient as possible. This had no apparent
effect.

Thanks a lot!

Below I have pasted the most relevant code section, as well as my full
code file. Apologies for all the comments, but I wanted to show what I
had tried.
-----------------
RELEVANT CODE (snipped from full code)

# NOW GO TO PAGE RESTRICTED TO LOGGED IN PEOPLE
the_url =
"http://www.dpreview.com/forums/login.asp?jump=editprofile.asp"
req = urllib2.Request(the_url)
#print "headers:", req.headers
#cj.add_cookie_header(req)

# EXPECT THESE HEADERS TO BE NON-EMPTY - BUT THEY ARE EMPTY,
# NO COOKIES RETURNED?
print "headers:", req.headers

# THIS OPEN FAILS - I GET - "NEED TO LOGIN" PAGE
#handle = opener.open(req)
handle = urllib2.urlopen(req)
the_page = handle.read()

-----------------
FULL CODE

#!/usr/bin/python

import urllib
import urllib2
import re
import os
from cookielib import *

class MyCookiePolicy(DefaultCookiePolicy):
def __init__(self):
DefaultCookiePolicy.__init__(self, rfc2965=True,
hide_cookie2=False, strict_ns_domain=DefaultCookiePolicy.DomainLiberal )
def set_ok(self, cookie, request):
return True
def return_ok(self, cookie, request):
return True
def domain_return_ok(self, cookie, request):
return True
def path_return_ok(self, cookie, request):
return True

the_url = 'http://www.dpreview.com/forums/login_post.asp'
user_agent = 'Mozilla/4.0 (compatible; MSIE 5.5; Windows NT)'
values = {
'email' : '****',
'password' : '****',
#"remember" : "checked", # <- create permanent cookie
'jump' : "/forums/"
}
# also "remember" : "remember"

# INITIAL REQUEST WITH USER INFO
headers = { 'User-Agent' : user_agent }
data = urllib.urlencode(values)
req = urllib2.Request(the_url, data, headers)

# COOKIE POLICY
# tried using several configurations of the default cookie policy
#policy = DefaultCookiePolicy(rfc2965=True, hide_cookie2=False,
strict_ns_domain=DefaultCookiePolicy.DomainLiberal )
# tried using my own custom cookie policy
#policy = MyCookiePolicy()
policy = DefaultCookiePolicy(rfc2965=True, hide_cookie2=False)

# CREATE COOKIE JAR WITH POLICY
cj = MozillaCookieJar()
cj.set_policy(policy)

# CREATE OPENER, AND OPEN PAGE
opener = urllib2.build_opener(urllib2.HTTPCookieProcessor(c j))
urllib2.install_opener(opener)
#handle = opener.open(req)
handle = urllib2.urlopen(req)
the_page = handle.read()

# SHOW COOKIES COLLECTED - LOOKS GOOD HERE
for c in cj:
print "COOKIE:", c
print "URL:", handle.geturl()
print "INFO:", handle.info()

#DEMONSTRATE WE'RE LOGGED IN
for line in the_page.split('\n'):
line = line.strip()
if re.search("Welcome to the", line):
print "MESSAGE:", line

# NOW GO TO PAGE RESTRICTED TO LOGGED IN PEOPLE
# - tried using the install_opener above
# - tried using add_cookie_header
# - either way, can't seem to get cookies in the header of this request
the_url =
"http://www.dpreview.com/forums/login.asp?jump=editprofile.asp"
req = urllib2.Request(the_url)
#print "headers:", req.headers
#cj.add_cookie_header(req)

# EXPECT THESE HEADERS TO BE NON-EMPTY
print "headers:", req.headers
#handle = opener.open(req)
handle = urllib2.urlopen(req)
the_page = handle.read()

# THIS ALSO PROVES LOGIN-STATE WAS LOST
for line in the_page.split('\n'):
line = line.strip()
if re.search("To access", line):
print "MESSAGE:", line

print "URL:", handle.geturl()
print "INFO:", handle.info()


Nov 22 '05 #3

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

0
by: yukon | last post by:
Hi there the next is my platform IIS5 windows 2000 asp vbscript My working area has the next virtual directoy: testAc (corrective ambient) testAe (evolutionary ambient)
0
by: Dan Meehan | last post by:
I created a music website that allows people to sign up and post messages on some message boards and update their profiles and such. The login script uses cookies, so when they Log Into the site it...
4
by: Mark Anderson | last post by:
Sorry if this is a rookie mistake... I've been through all the FAQs and the books I have but I can't see the mistake so I guess it's something simple <g> - I'm an occasional JS user. I've got...
0
by: Bennett F. Dill | last post by:
Thanks for reading. I'm having problems with cookies from asp to asp.net and back! It seems like I can set a cookie in asp.net fine, and alter it at will, as soon as asp touches it, asp.net...
1
by: Ravi | last post by:
Hi , i am trying to pass the same session Id to all the webrequest, but sometimes the response.cookies returns zero and sometimes one. is this to do something with cookies expire. In this sample...
2
by: Mike | last post by:
1. For some reason after the session has ended and the authentication cookie has expired I'm not being redirected to the login page. Insted I'm be assigned a new authentication cookie? Anyone have...
1
by: ltt19 | last post by:
Hi Folks, I'm just beggining with asp.net, and I'm doing a webpage to learn it. In the main page, there is a text by default written in Portuguese, that the user can change it it English by...
0
by: john.lehmann | last post by:
Attacked is a piece of code which first hits the login page successfully and receives back login cookies. But then when I attempt to hit a page which is restricted to logged in users only, I fail....
4
by: Gridlock | last post by:
I'm trying to read the cookies using HttpContext.Current.Request.Cookies, but the only cookie that I get is the ASP.NET SessionId cookie. There are many cookies on the machine, why am I only...
0
by: ryjfgjl | last post by:
ExcelToDatabase: batch import excel into database automatically...
0
by: Vimpel783 | last post by:
Hello! Guys, I found this code on the Internet, but I need to modify it a little. It works well, the problem is this: Data is sent from only one cell, in this case B5, but it is necessary that data...
0
by: jfyes | last post by:
As a hardware engineer, after seeing that CEIWEI recently released a new tool for Modbus RTU Over TCP/UDP filtering and monitoring, I actively went to its official website to take a look. It turned...
0
by: ArrayDB | last post by:
The error message I've encountered is; ERROR:root:Error generating model response: exception: access violation writing 0x0000000000005140, which seems to be indicative of an access violation...
1
by: PapaRatzi | last post by:
Hello, I am teaching myself MS Access forms design and Visual Basic. I've created a table to capture a list of Top 30 singles and forms to capture new entries. The final step is a form (unbound)...
1
by: CloudSolutions | last post by:
Introduction: For many beginners and individual users, requiring a credit card and email registration may pose a barrier when starting to use cloud servers. However, some cloud server providers now...
1
by: Defcon1945 | last post by:
I'm trying to learn Python using Pycharm but import shutil doesn't work
0
by: af34tf | last post by:
Hi Guys, I have a domain whose name is BytesLimited.com, and I want to sell it. Does anyone know about platforms that allow me to list my domain in auction for free. Thank you
0
by: Faith0G | last post by:
I am starting a new it consulting business and it's been a while since I setup a new website. Is wordpress still the best web based software for hosting a 5 page website? The webpages will be...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.