1
0
mirror of https://github.com/moparisthebest/curl synced 2024-12-22 16:18:48 -05:00
curl/docs/libcurl/opts/CURLOPT_COOKIELIST.3
Jay Satiro cb6a07fed0 docs: Warn about any-domain cookies and multiple transfers
- Warn that cookies without a domain are sent to any domain:
CURLOPT_COOKIELIST, CURLOPT_COOKIEFILE, --cookie

- Note that imported Set-Cookie cookies without a domain are no longer
exported:
CURLINFO_COOKIELIST, CURLOPT_COOKIEJAR, --cookie-jar
2015-09-03 02:35:11 -04:00

120 lines
4.4 KiB
Groff

.\" **************************************************************************
.\" * _ _ ____ _
.\" * Project ___| | | | _ \| |
.\" * / __| | | | |_) | |
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
.\" * are also available at http://curl.haxx.se/docs/copyright.html.
.\" *
.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell
.\" * copies of the Software, and permit persons to whom the Software is
.\" * furnished to do so, under the terms of the COPYING file.
.\" *
.\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
.\" * KIND, either express or implied.
.\" *
.\" **************************************************************************
.\"
.TH CURLOPT_COOKIELIST 3 "19 Jun 2014" "libcurl 7.37.0" "curl_easy_setopt options"
.SH NAME
CURLOPT_COOKIELIST \- add to or manipulate cookies held in memory
.SH SYNOPSIS
.nf
#include <curl/curl.h>
CURLcode curl_easy_setopt(CURL *handle, CURLOPT_COOKIELIST,
char *cookie);
.SH DESCRIPTION
Pass a char * to a \fIcookie\fP string.
Such a cookie can be either a single line in Netscape / Mozilla format or just
regular HTTP-style header (Set-Cookie: ...) format. This will also enable the
cookie engine. This adds that single cookie to the internal cookie store.
Exercise caution if you are using this option and multiple transfers may occur.
If you use the Set-Cookie format and don't specify a domain then the cookie is
sent for any domain (even after redirects are followed) and cannot be modified
by a server-set cookie. If a server sets a cookie of the same name (or maybe
you've imported one) then both will be sent on a future transfer to that
server, likely not what you intended. To address these issues set a domain in
Set-Cookie (doing that will include sub-domains) or use the Netscape format as
shown in EXAMPLE.
Additionally, there are commands available that perform actions if you pass in
these exact strings:
.IP ALL
erases all cookies held in memory
.IP SESS
erases all session cookies held in memory
.IP FLUSH
writes all known cookies to the file specified by \fICURLOPT_COOKIEJAR(3)\fP
.IP RELOAD
loads all cookies from the files specified by \fICURLOPT_COOKIEFILE(3)\fP
.SH DEFAULT
NULL
.SH PROTOCOLS
HTTP
.SH EXAMPLE
.nf
/* This example shows an inline import of a cookie in Netscape format.
You can set the cookie as HttpOnly to prevent XSS attacks by prepending
#HttpOnly_ to the hostname. That may be useful if the cookie will later
be imported by a browser.
*/
#define SEP "\\t" /* Tab separates the fields */
char *my_cookie =
"example.com" /* Hostname */
SEP "FALSE" /* Include subdomains */
SEP "/" /* Path */
SEP "FALSE" /* Secure */
SEP "0" /* Expiry in epoch time format. 0 == Session */
SEP "foo" /* Name */
SEP "bar"; /* Value */
/* my_cookie is imported immediately via CURLOPT_COOKIELIST.
*/
curl_easy_setopt(curl, CURLOPT_COOKIELIST, my_cookie);
/* The list of cookies in cookies.txt will not be imported until right
before a transfer is performed. Cookies in the list that have the same
hostname, path and name as in my_cookie are skipped. That is because
libcurl has already imported my_cookie and it's considered a "live"
cookie. A live cookie won't be replaced by one read from a file.
*/
curl_easy_setopt(curl, CURLOPT_COOKIEFILE, "cookies.txt"); /* import */
/* Cookies are exported after curl_easy_cleanup is called. The server
may have added, deleted or modified cookies by then. The cookies that
were skipped on import are not exported.
*/
curl_easy_setopt(curl, CURLOPT_COOKIEJAR, "cookies.txt"); /* export */
res = curl_easy_perform(curl); /* cookies imported from cookies.txt */
curl_easy_cleanup(curl); /* cookies exported to cookies.txt */
.fi
.SH AVAILABILITY
ALL was added in 7.14.1
SESS was added in 7.15.4
FLUSH was added in 7.17.1
RELOAD was added in 7.39.0
.SH RETURN VALUE
Returns CURLE_OK if the option is supported, CURLE_UNKNOWN_OPTION if not, or
CURLE_OUT_OF_MEMORY if there was insufficient heap space.
.SH "SEE ALSO"
.BR CURLOPT_COOKIEFILE "(3), " CURLOPT_COOKIEJAR "(3), " CURLOPT_COOKIE "(3), "