1
0
mirror of https://github.com/moparisthebest/curl synced 2024-12-23 08:38:49 -05:00

HTTP-COOKIES: use the FAQ document layout

This commit is contained in:
Daniel Stenberg 2012-07-03 10:54:46 +02:00
parent 33ee67112f
commit ae8f08ee59

View File

@ -1,45 +1,58 @@
HTTP Cookies Updated: July 3, 2012 (http://curl.haxx.se/docs/http-cookies.html)
_ _ ____ _
___| | | | _ \| |
/ __| | | | |_) | |
| (__| |_| | _ <| |___
\___|\___/|_| \_\_____|
Overview
========
HTTP cookies are pieces of 'name=contents' snippets that a server tells the HTTP Cookies
client to hold and then the client sends back those the server on subsequent
requests to the same domains/paths for which the cookies were set.
Cookies are either "session cookies" which typically are forgotten when the 1. Cookie overview
session is over which is often translated to equal when browser quits, or the 2. Cookies saved to disk
cookies aren't session cookies they have expiration dates after which the 3. Cookies with curl the command line tool
client will throw them away. 4. Cookies with libcurl
5. Cookies with javascript
Cookies are set to the client with the Set-Cookie: header and are sent to ==============================================================================
servers with the Cookie: header.
For a very long time, the only spec explaining how to use cookies was the 1. Cookie overview
original Netscape spec from 1994: http://curl.haxx.se/rfc/cookie_spec.html
In 2011, RFC6265 (http://www.ietf.org/rfc/rfc6265.txt) was finally published HTTP cookies are pieces of 'name=contents' snippets that a server tells the
and details how cookies work within HTTP. client to hold and then the client sends back those the server on subsequent
requests to the same domains/paths for which the cookies were set.
cookies saved to disk Cookies are either "session cookies" which typically are forgotten when the
===================== session is over which is often translated to equal when browser quits, or
the cookies aren't session cookies they have expiration dates after which
the client will throw them away.
Netscape once created a file format for storing cookies on disk so that they Cookies are set to the client with the Set-Cookie: header and are sent to
would survive browser restarts. curl adopted that file format to allow sharing servers with the Cookie: header.
the cookies with browsers, only to see browsers move away from that
format. Modern browsers no longer use it, while curl still does.
The cookie file format stores one cookie per physical line in the file with a For a very long time, the only spec explaining how to use cookies was the
bunch of associated meta data, each field separated with TAB. That file is original Netscape spec from 1994: http://curl.haxx.se/rfc/cookie_spec.html
called the cookiejar in curl terminology.
cookies with curl the command line tool In 2011, RFC6265 (http://www.ietf.org/rfc/rfc6265.txt) was finally published
======================================= and details how cookies work within HTTP.
curl has a full cookie "engine" built in. If you just activate it, you can 2. Cookies saved to disk
have curl receive and send cookies exactly as mandated in the specs.
Command line options: Netscape once created a file format for storing cookies on disk so that they
would survive browser restarts. curl adopted that file format to allow
sharing the cookies with browsers, only to see browsers move away from that
format. Modern browsers no longer use it, while curl still does.
The cookie file format stores one cookie per physical line in the file with
a bunch of associated meta data, each field separated with TAB. That file is
called the cookiejar in curl terminology.
3. Cookies with curl the command line tool
curl has a full cookie "engine" built in. If you just activate it, you can
have curl receive and send cookies exactly as mandated in the specs.
Command line options:
-b, --cookie -b, --cookie
@ -57,10 +70,9 @@ Command line options:
tell curl to start the cookie engine and write cookies to the given file tell curl to start the cookie engine and write cookies to the given file
after the request(s) after the request(s)
cookies with libcurl 4. Cookies with libcurl
====================
libcurl options: libcurl options:
CURLOPT_COOKIE CURLOPT_COOKIE
@ -89,16 +101,15 @@ libcurl options:
Extract cookie information from the internal cookie storage as a linked Extract cookie information from the internal cookie storage as a linked
list. list.
cookies with javascript 5. Cookies with javascript
=======================
These days a lot of the web is built up by javascript. The webbrowser loads These days a lot of the web is built up by javascript. The webbrowser loads
complete programs that render the page you see. These javascript programs can complete programs that render the page you see. These javascript programs
also set and access cookies. can also set and access cookies.
Since curl and libcurl are plain HTTP clients without any knowledge of or Since curl and libcurl are plain HTTP clients without any knowledge of or
capability to handle javascript, such cookies will not be detected or used. capability to handle javascript, such cookies will not be detected or used.
Often, if you want to mimic what a browser does on such web sites, you can Often, if you want to mimic what a browser does on such web sites, you can
record web browser HTTP traffic when using such a site and then repeat the record web browser HTTP traffic when using such a site and then repeat the
cookie operations using curl or libcurl. cookie operations using curl or libcurl.