cURL Docs HTTP Cookies
1. HTTP Cookies
1.1 Cookie overview
HTTP cookies are pieces of 'name=contents' snippets that a server tells the client to hold and then the client sends back those the server on subsequent requests to the same domains/paths for which the cookies were set.
Cookies are either "session cookies" which typically are forgotten when the session is over which is often translated to equal when browser quits, or the cookies aren't session cookies they have expiration dates after which the client will throw them away.
Cookies are set to the client with the Set-Cookie: header and are sent to servers with the Cookie: header.
In 2011, RFC6265 (http://www.ietf.org/rfc/rfc6265.txt) was finally published and details how cookies work within HTTP.
1.2 Cookies saved to disk
Netscape once created a file format for storing cookies on disk so that they would survive browser restarts. curl adopted that file format to allow sharing the cookies with browsers, only to see browsers move away from that format. Modern browsers no longer use it, while curl still does.
The netscape cookie file format stores one cookie per physical line in the file with a bunch of associated meta data, each field separated with TAB. That file is called the cookiejar in curl terminology.
1.3 Cookies with curl the command line tool
curl has a full cookie "engine" built in. If you just activate it, you can have curl receive and send cookies exactly as mandated in the specs.
Command line options:
tell curl a file to read cookies from and start the cookie engine, or if it isn't a file it will pass on the given string. -b name=var works and so does -b cookiefile.
when used in combination with -b, it will skip all "session cookies" on load so as to appear to start a new cookie session.
1.4 Cookies with libcurl
libcurl offers several ways to enable and interface the cookie engine. These options are the ones provided by the native API. libcurl bindings may offer access to them using other means.
Is used when you want to specify the exact contents of a cookie header to send to the server.
Tell libcurl to activate the cookie engine, and to read the initial set of cookies from the given file. Read-only.
Tell libcurl to activate the cookie engine, and when the easy handle is closed save all known cookies to the given cookiejar file. Write-only.
Provide detailed information about a single cookie to add to the internal storage of cookies. Pass in the cookie as a HTTP header with all the details set, or pass in a line from a netscape cookie file. This option can also be used to flush the cookies etc.
Often, if you want to mimic what a browser does on such web sites, you can record web browser HTTP traffic when using such a site and then repeat the cookie operations using curl or libcurl.