cURL / Mailing Lists / curl-users / Single Mail

curl-users

RE: SSL + Cookies

From: insaini <insaini_at_rogers.com>
Date: Mon, 24 Mar 2008 06:29:27 -0400

 

 

From: curl-users-bounces_at_cool.haxx.se
[mailto:curl-users-bounces_at_cool.haxx.se] On Behalf Of Ralph Mitchell
Sent: March 23, 2008 11:19 PM
To: the curl tool
Subject: Re: SSL + Cookies

 

On Sun, Mar 23, 2008 at 9:14 PM, insaini <insaini_at_rogers.com> wrote:

The cookies are not received by curl at all and do not get stored in the
cookie jar. I have tried using preg_match to extract the cookies directly
from the response and there is nothing except for the JSESSIONID even though
in Live Http Headers for firefox it says there are ..

The curl version is 7.18 (I finally got it installed and compiled with php
5.2.5)

It may be easier for you to try it yourself actually..

This is the link

https://est-oee.canadapost-postescanada.ca/shipping/estShipping.jsp?locale=e
<https://est-oee.canadapost-postescanada.ca/shipping/estShipping.jsp?locale=
en_CA&formId=110>
n_CA&formId=110

it will redirect you to the login page (although Im not entirely sure that
it is an actual redirect) ..

using Live HTTP headers you'll see exactly what I mean

The first page gives back a page with a META refresh tag that has a big url.
Fetching *that* link returns a page containing this little bit of
javascript:

        sTestCookie = "CPC_TEST_COOKIE";
        oDate = new Date();
        oDate.setFullYear(oDate.getFullYear() + 10);
        sDate = oDate.toGMTString();
        sCookieListUPC = sTestCookie + "=TEST; expires=" + sDate + ";
path=/";
        document.cookie = sCookieListUPC;
        if(!document.cookie)
                location = "browser_error.htm";

So, the web browser is generating the CPC_TEST_COOKIE on-the-fly. Curl
doesn't even attempt to execute the javascript. You'll need to examine the
page content and deal with any script-generated cookies yourself.

Ralph Mitchell

 

Hi Ralph, I saw the it is creating CPC_TEST_COOKIE through javascript.. but
there are other cookies beyond CPC_TEST_COOKIE that are missing..

Here is the list,

Cookie: CPC_TEST_COOKIE=TEST;

OBCurl=https%3A//sso-cal.canadapost-postescanada.ca/sso/login.jsp%3F%7Elangu
age%3DEN%26SSO_REFERRER_URL%3Dhttps%3A//est-oee.canadapost-postescanada.ca/s
hipping/estShipping.jsp%26formId%3D110%26locale%3Den_CA%26SSO_EXT_SESSION_ID
%3DRYKRHnNF9GmdnCtvhz7nRTbvcGvv0fG2yq5X06fsjGC2NJG3chvY%211695204232%2112063
24517539;

JSESSIONID=JjXTHnNYyXVq8HnLjzTLLGhDZLx53gpGs65x8DTJyTmJJh54JSTN!1003121022;

s_cc=true;

s_sq=canadapostca-dev%3D%2526pid%253Dest%252520%25253A%252520ship%252520%252
53A%252520canada%252520%25253A%252520step%2525201%2526pidt%253D1%2526oid%253
Dhttps%25253A//est-oee.canadapost-postescanada.ca/expediterLogout_e.jsp%2526
ot%253DA

Why are these cookies not being retrieved when they are not generated by the
page but passed.. ?
Received on 2008-03-24