On Fri, 17 Dec 2004, Maurice Barnum wrote:

> in my project, i want to get or set the cookies that matches the session's
> host.

Host and path I presume? And the secure option too? And acknowledging the
expiration times?

> using this proposed interface, if i wanted to get or set the cookies that
> match only the configured CURLOPT_URL, it looks like i'd need to replicate
> the cookie matching code in Curl_cookie_getlist?

Yes. While that is unfortunate, I expect most people don't have this advanced
need.

Of course, if we can come up with a simple and easy API that provides this
functionality as well, I don't mind having it!

> it would be very nice if the library would let me retrieve either "matching"
> cookies or all of them. the first idea that jumps to my mind isn't a very
> good one: if CURLOPT_URL is set, filter the cookies based upon the url,
> otherwise return all of them. i'm not aware of any curl_easy_getinfo or
> curl_easy_setopt methods that are "modal" in that way.

It would make a very obscure API and I can think of several quirks already
that would make it really hard to use. Let's not go that path.

If we want this advanced approach, we should go with a separate function that
returns matching cookies (where no expression would match all). If so, we
should probably also return a linked list of structs with separate fields for
name, contents, expire time etc instead of plain strings in netscape cookie
file format.

The thing is, that then we are again approaching the more complicated API
previously discussed and that never happened I think mainly because it got too
complicated. See http://curl.haxx.se/dev/COOKIES

>> I'm not sure how to clear all known cookies easily, or even if that is a
>> desired feature.
>
> what about passing NULL to curl_easy_setopt/CURLOPT_COOKIELIST?

Nah, I think passing a NULL to an option like that would mean "don't provide
any cookies" so that apps can easily always use the option, just pass the
correct parameter to it. (Many other options work that way today.)

> i like simple. for my project i needed to retrieve the cookies that match
> the current url.

> struct curl_slist *curl_ext_get_cookies(CURL *, int complete);

If 'int complete' was instead changed to be a 'char *URL' and passing a NULL
instead of URL would return all cookies we would be moving forwards.

But what about expired cookies?

And if we provide this separate function, wouldn't it make more sense to
return a linked list of:

struct curl_cookie {
   struct curl_cookie *next; /* if non-NULL, points to the next cookie */
   unsigned char *name;
   unsigned char *value;
   unsigned char *domain; /* or NULL */
   unsigned char *path; /* or NULL */
   bool secure;
   time_t expires; /* 0 means "session-cookie" */
};

... and simplicity is... gone!?

-- 
      Daniel Stenberg -- http://curl.haxx.se -- http://daniel.haxx.se
       Dedicated custom curl help for hire: http://haxx.se/curl.html