mirror of
https://github.com/moparisthebest/curl
synced 2024-12-23 00:28:48 -05:00
HTTP-COOKIES: use the FAQ document layout
This commit is contained in:
parent
33ee67112f
commit
ae8f08ee59
@ -1,45 +1,58 @@
|
|||||||
HTTP Cookies
|
Updated: July 3, 2012 (http://curl.haxx.se/docs/http-cookies.html)
|
||||||
|
_ _ ____ _
|
||||||
|
___| | | | _ \| |
|
||||||
|
/ __| | | | |_) | |
|
||||||
|
| (__| |_| | _ <| |___
|
||||||
|
\___|\___/|_| \_\_____|
|
||||||
|
|
||||||
Overview
|
|
||||||
========
|
|
||||||
|
|
||||||
HTTP cookies are pieces of 'name=contents' snippets that a server tells the
|
HTTP Cookies
|
||||||
client to hold and then the client sends back those the server on subsequent
|
|
||||||
requests to the same domains/paths for which the cookies were set.
|
|
||||||
|
|
||||||
Cookies are either "session cookies" which typically are forgotten when the
|
1. Cookie overview
|
||||||
session is over which is often translated to equal when browser quits, or the
|
2. Cookies saved to disk
|
||||||
cookies aren't session cookies they have expiration dates after which the
|
3. Cookies with curl the command line tool
|
||||||
client will throw them away.
|
4. Cookies with libcurl
|
||||||
|
5. Cookies with javascript
|
||||||
|
|
||||||
Cookies are set to the client with the Set-Cookie: header and are sent to
|
==============================================================================
|
||||||
servers with the Cookie: header.
|
|
||||||
|
|
||||||
For a very long time, the only spec explaining how to use cookies was the
|
1. Cookie overview
|
||||||
original Netscape spec from 1994: http://curl.haxx.se/rfc/cookie_spec.html
|
|
||||||
|
|
||||||
In 2011, RFC6265 (http://www.ietf.org/rfc/rfc6265.txt) was finally published
|
HTTP cookies are pieces of 'name=contents' snippets that a server tells the
|
||||||
and details how cookies work within HTTP.
|
client to hold and then the client sends back those the server on subsequent
|
||||||
|
requests to the same domains/paths for which the cookies were set.
|
||||||
|
|
||||||
cookies saved to disk
|
Cookies are either "session cookies" which typically are forgotten when the
|
||||||
=====================
|
session is over which is often translated to equal when browser quits, or
|
||||||
|
the cookies aren't session cookies they have expiration dates after which
|
||||||
|
the client will throw them away.
|
||||||
|
|
||||||
Netscape once created a file format for storing cookies on disk so that they
|
Cookies are set to the client with the Set-Cookie: header and are sent to
|
||||||
would survive browser restarts. curl adopted that file format to allow sharing
|
servers with the Cookie: header.
|
||||||
the cookies with browsers, only to see browsers move away from that
|
|
||||||
format. Modern browsers no longer use it, while curl still does.
|
|
||||||
|
|
||||||
The cookie file format stores one cookie per physical line in the file with a
|
For a very long time, the only spec explaining how to use cookies was the
|
||||||
bunch of associated meta data, each field separated with TAB. That file is
|
original Netscape spec from 1994: http://curl.haxx.se/rfc/cookie_spec.html
|
||||||
called the cookiejar in curl terminology.
|
|
||||||
|
|
||||||
cookies with curl the command line tool
|
In 2011, RFC6265 (http://www.ietf.org/rfc/rfc6265.txt) was finally published
|
||||||
=======================================
|
and details how cookies work within HTTP.
|
||||||
|
|
||||||
curl has a full cookie "engine" built in. If you just activate it, you can
|
2. Cookies saved to disk
|
||||||
have curl receive and send cookies exactly as mandated in the specs.
|
|
||||||
|
|
||||||
Command line options:
|
Netscape once created a file format for storing cookies on disk so that they
|
||||||
|
would survive browser restarts. curl adopted that file format to allow
|
||||||
|
sharing the cookies with browsers, only to see browsers move away from that
|
||||||
|
format. Modern browsers no longer use it, while curl still does.
|
||||||
|
|
||||||
|
The cookie file format stores one cookie per physical line in the file with
|
||||||
|
a bunch of associated meta data, each field separated with TAB. That file is
|
||||||
|
called the cookiejar in curl terminology.
|
||||||
|
|
||||||
|
3. Cookies with curl the command line tool
|
||||||
|
|
||||||
|
curl has a full cookie "engine" built in. If you just activate it, you can
|
||||||
|
have curl receive and send cookies exactly as mandated in the specs.
|
||||||
|
|
||||||
|
Command line options:
|
||||||
|
|
||||||
-b, --cookie
|
-b, --cookie
|
||||||
|
|
||||||
@ -57,10 +70,9 @@ Command line options:
|
|||||||
tell curl to start the cookie engine and write cookies to the given file
|
tell curl to start the cookie engine and write cookies to the given file
|
||||||
after the request(s)
|
after the request(s)
|
||||||
|
|
||||||
cookies with libcurl
|
4. Cookies with libcurl
|
||||||
====================
|
|
||||||
|
|
||||||
libcurl options:
|
libcurl options:
|
||||||
|
|
||||||
CURLOPT_COOKIE
|
CURLOPT_COOKIE
|
||||||
|
|
||||||
@ -89,16 +101,15 @@ libcurl options:
|
|||||||
Extract cookie information from the internal cookie storage as a linked
|
Extract cookie information from the internal cookie storage as a linked
|
||||||
list.
|
list.
|
||||||
|
|
||||||
cookies with javascript
|
5. Cookies with javascript
|
||||||
=======================
|
|
||||||
|
|
||||||
These days a lot of the web is built up by javascript. The webbrowser loads
|
These days a lot of the web is built up by javascript. The webbrowser loads
|
||||||
complete programs that render the page you see. These javascript programs can
|
complete programs that render the page you see. These javascript programs
|
||||||
also set and access cookies.
|
can also set and access cookies.
|
||||||
|
|
||||||
Since curl and libcurl are plain HTTP clients without any knowledge of or
|
Since curl and libcurl are plain HTTP clients without any knowledge of or
|
||||||
capability to handle javascript, such cookies will not be detected or used.
|
capability to handle javascript, such cookies will not be detected or used.
|
||||||
|
|
||||||
Often, if you want to mimic what a browser does on such web sites, you can
|
Often, if you want to mimic what a browser does on such web sites, you can
|
||||||
record web browser HTTP traffic when using such a site and then repeat the
|
record web browser HTTP traffic when using such a site and then repeat the
|
||||||
cookie operations using curl or libcurl.
|
cookie operations using curl or libcurl.
|
||||||
|
Loading…
Reference in New Issue
Block a user