473,387 Members | 1,624 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > python > questions > cookielib incorrectly escapes cookie

Join Bytes to post your question to a community of 473,387 software developers and data experts.

cookielib incorrectly escapes cookie

Hello,

I have some very serious trouble getting cookes to work. After a lot
of work (urllib2 is severly underdocumented, arcane and overengineerd
btw) I'm finally able to accept cookes from a server. But I'm still
unable to return them to a server. Specifically the script im trying
to do logs on to a server, get a session cookie and then tries to
access a secure page using the same session cookie. But the cookie
header cookielib produces is very different from the header it
received.

This example demonstrates it:

import cookielib
import urllib
import urllib2

# Install an opener that can handle cookies
policy = cookielib.DefaultCookiePolicy(rfc2965 = True)
cj = cookielib.CookieJar(policy)
opener = urllib2.build_opener(urllib2.HTTPCookieProcessor(c j))
urllib2.install_opener(opener)

# Login to the server
url = "http://server/dologin.htm"
params = urllib.urlencode({"user" : "foo", "pass" : "pwd"})

req = urllib2.Request(url, params)
handle = urllib2.urlopen(req)

# So far so good, the request should have added a cookie to the jar.
# The cookie header looks like this:
#
# Set-Cookie: SessionId="acf941a1fb4895ed"; Version=1; Path=/
#
assert len(cj) == 1

# Hack around the code in cookielib.CookieJar._cookie_attrs(),
# specifically the part that quotes, search for "quote_re" in the
# file cookielib.py.
cj._cookies_for_request(req)[0].version = 0

# Now request a secure page from the server
req = urllib2.Request("http://server/secure.htm")
cj.add_cookie_header(req)
handle = urllib2.urlopen(req)

# Here is where it doesn't work unless the hack is applied. The cookie
# header that is sent without the hack looks like this:
#
# Cookie: $Version=1; SessionId=\"66b908e5025d93ed\"; $Path="/"
#
# It is not accepted by the server, probably because the SessionID
# string is wrong.

--
mvh Björn
Jul 5 '06 #1
1 1841
"BJörn Lindqvist" <bj*****@gmail.comwrites:
I have some very serious trouble getting cookes to work. After a lot
of work (urllib2 is severly underdocumented, arcane and overengineerd
btw) I'm finally able to accept cookes from a server. But I'm still
And a good day to you too ;-)

In passing, there's a new HOWTO document on urllib2 here, which you
may find helpful:

http://svn.python.org/view/python/tr...62&view=markup
Doesn't seem to be part of the build process yet, so not available yet
in nicely-formatted HTML form on the python.org website -- I guess
it's included in HTML format in 2.5 beta1, though.

Note that that document is substantially rewritten over the version
that was originally on Michael's web site, from which the HOWTO
originally came. I haven't checked the version on Michael's website
has been updated recently, so use the version linked to above instead.

unable to return them to a server. Specifically the script im trying
to do logs on to a server, get a session cookie and then tries to
access a secure page using the same session cookie. But the cookie
header cookielib produces is very different from the header it
received.
Well (sigh), I didn't make all that up, you know ;-) Believe it or
not, that's what's supposed to happen if you send Version=1 cookies
(though few browsers ever supported it). In case it's your own
server, I should note that I don't know of any reason for an internet
server ever to send Version=1 cookies, given what the majority of
browsers actually do. However, since the cookie protocols (plural)
are, in practice, ill-defined (which is no individual's fault,
really), cases that work in popular browsers should usually be fixed.

Please test to make sure your problem goes away with Python 2.5 beta1:
I believe this bug is already fixed. Please do try it though: it's
unlikely that anybody else has tested the fix. I think beta2 is due
on Wednesday 12th, so it's advisable to get in quick if you want this
to work in 2.5 (please Cc: me personally to let me know whether it
works for you).

Note that it should work for you in Python 2.5 if and only if (not
rfc2965 or rfc2109_as_netscape) is true, where rfc2109_as_netscape and
rfc2965 are constructor arguments of DefaultCookiePolicy. To
understand why (on some level, anyway), read the in-development docs
for DefaultCookiePolicy here:

http://docs.python.org/dev/lib/module-cookielib.html
Thanks for the report.

If you'd like a better workaround than the one you have for older
Pythons, I'll be happy to post one if you'll test this with 2.5 (no
good deed goes unpunished ;-)
[...]
# Here is where it doesn't work unless the hack is applied. The cookie
# header that is sent without the hack looks like this:
#
# Cookie: $Version=1; SessionId=\"66b908e5025d93ed\"; $Path="/"
#
# It is not accepted by the server, probably because the SessionID
# string is wrong.
There is a bug here, I think: I think the quoting is indeed incorrect,
but probably not for the reason you expect (also, on a separate point,
the funny-looking $Version and $Path are at least strictly correct,
and for example my copy of the "lynx" browser does send them). I
won't try to explain the details here.

Since the fix would likely be complicated and risky, and of benefit
only in very unusual circumstances, I don't intend to fix it at this
stage of the Python release process. It will not affect you when
using Python 2.5, as long as (not rfc2965 or rfc2109_as_netscape) is
true (see above for the definition of those names). That's true by
default in 2.5, so all you should need is:

opener = urllib2.build_opener(urllib2.HTTPCookieProcessor() )
opener.open("http://www.example.com/")
(Unless you want to get at the CookieJar, e.g. to load and save
cookies), in which case go ahead and override the default CookieJar by
passing one to the HTTPCookieProcessor as you do in the code you
posted.)

I also note that you're adding an HTTPCookieProcessor, *and* also
calling .add_cookie_header(). HTTPCookieProcessor's job is to call
..add_cookie_header() / .extract_cookies() for you (even on redirects,
where you never get the opportunity to do it "manually"). You never
need to call those functions yourself if using urllib2.

HTH!
John
Jul 9 '06 #2
New Post

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

1
cookielib and urllib2: thread-safe?
by: Alex Hunsley | last post by:
I'm writing a test script in python for pulling web pages from a web server using urllib2 and cookielib. Since the main thing I am testing is what happens when concurrent requests are made to the...
Python
0
RFC 2965 cookies, cookielib, and mailman.
by: John J Lee | last post by:
Just noticed your c.l.py post quoted below. Nobody but me knows or cares about this obscure stuff ;-) so I'm not surprised you got no answer... C. Titus Brown Dec 27 2004, 12:41 pm wrote: >...
Python
0
cookielib extracting a cookie value as a string
by: dmbkiwi | last post by:
I am trying to extract the value of a cookie from a CookieJar() object using cookielib. I have a CookieJar() object called cj. Printing cj gives: <_LWPCookieJar.LWPCookieJar> But i can't...
Python
6
Create a cookie with cookielib
by: Alessandro Fachin | last post by:
Hi, i am trying to forge a new cookie by own with cookielib. But i don't still have success. This a simply code: import cookielib, urllib, urllib2 login = 'Ia am a cookie!' cookiejar =...
Python
1
Question about using cookielib in python 2.4
by: Marko.Cain.23 | last post by:
Hi, I am following the example of Python cookbook (14.7) about using cookielib in python2.4 cj = cookielib.LWPCookieJar() //.... code to send out the request print...
Python
1
cookielib
by: Boris Ozegovic | last post by:
Hi I have HTTP client which accepts cookies. If client allready has cookie, but that cookie has expired, server sends him new cookie, and in response object Set-Cookie: header everything is...
Python
1
issue with cookielib.LWPCookieJar
by: JD Smith | last post by:
Greetings: My cookiejar contains the cookie that I need however when I do cj.save(file) it does not actually save out to the cookies.lwj Does anyone have any clue what would keep this from...
Python
2
Handling cookies without urllib2 and cookielib
by: Joshua Kugler | last post by:
Standard disclaimer: read, googled, read some more. If you have a link, please free free to point me there. I'm using HTTPlib to construct some functional tests for a web app we're writing. ...
Python
2
Cookielib in Jython
by: Felipe De Bene | last post by:
Hi There, I'm trying to run an App I wrote in Python 2.5.2 in Jython 2.2.1 and everything works fine except when I try to import the Standard CPython's cookielib. I know this may sound stupid, I...
Python
0
Easy Steps to Fix "Canon Printer Won't Connect to WiFi Network"
by: taylorcarr | last post by:
A Canon printer is a smart device known for being advanced, efficient, and reliable. It is designed for home, office, and hybrid workspace use and can also be used for a variety of purposes. However,...
General
0
How to turn on java script in a villaon keypad mobile phone
by: Charles Arthur | last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
Java
0
Basic Javascript concepts
by: aa123db | last post by:
Variable and constants Use var or let for variables and const fror constants. Var foo ='bar'; Let foo ='bar';const baz ='bar'; Functions function $name$ ($parameters$) { } ...
Javascript
0
Migrating Website to Cloud - Emmanuel Katto
by: emmanuelkatto | last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud. Please let me know. Thanks! Emmanuel
General
1
Looking to do Android software development, any suggestions? Is flutter better?
by: nemocccc | last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
General
1
Is that possible of reading the .csv file in column wise and the column have different lengths ?
by: Sonnysonu | last post by:
This is the data of csv file 1 2 3 1 2 3 1 2 3 1 2 3 2 3 2 3 3 the lengths should be different i have to store the data by column-wise with in the specific length. suppose the i have to...
C / C++
0
marktang
What is ONU?
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
General
0
Oralloy
Problem With Comparison Operator <=> in G++
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers,...
C / C++
0
jinu1996
Maximizing Business Potential: The Nexus of Website Design and Digital Marketing
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
Online Marketing

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!