Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

Setting cookies from another domain (CFHTTP)

0 views
Skip to first unread message

weblingual

unread,
Jul 20, 2007, 3:41:07 PM7/20/07
to
Hello All,

I am in the process of creating a web site that has it's own look/feel and
give the users the ability to upload video to YouTube. YouTube does not
currently have an API to handle this. So, I found this script called phptube
and am attempting to pull from it and create a coldfusion solution. I'm not a
PHP person (as of yet) and this is my first attempt.

I execute the attached code and first of all, I don't see the cookes getting
set under the ".youtube.com" domain. Should they be? The CFHTTP returns me to a
login page. The question I think I'm trying to ask is this: Can I set a cookie
from within my domain for another domain using cfcookie?

If you have any thougths on this... it would be much appreciated.

thanks :confused;

<!---Initial login--->
<cfhttp

url="http://youtube.com/login?username=#form.username#&password=#form.password#&
next=/index&current_form=loginForm&action_login=1"
useragent="Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)"
resolveurl="yes" />

<cfdump var="#cfhttp.responseHeader["Set-Cookie"]#">

<!--- Create an array to hold the cookies that the server sent --->
<cfset cookies = ArrayNew(1)>
<cfset counter = 1>
<cfloop item="currItem" collection="#cfhttp.responseHeader["Set-Cookie"]#">
<cfset cookies[counter] =
ListGetAt(cfhttp.responseHeader["Set-Cookie"][currItem], 1, ";" )>
<cfset counter = counter + 1>
</cfloop>

<cfloop from="1" to="#arrayLen(cookies)#" index="x">
<cfcookie name="#ListFirst(cookies[x],'=')#"
value="#ListRest(cookies[x],'=')#">
<!---<cfcookie name="#ListFirst(cookies[x],'=')#"
value="#ListRest(cookies[x],'=')#" path="/" domain=".youtube.com">--->
<!---<cfoutput><br />name="#ListFirst(cookies[x],'=')#"
value="#ListRest(cookies[x],'=')#"</cfoutput>--->
</cfloop>

<!---ONCE LOGGED IN, I PULL THE /index PAGE AND I WOULD THINK I WOULD BE
LOGGED IN--->

<cfhttp method="post" url="http://youtube.com/index" useragent="Mozilla/4.0
(compatible; MSIE 6.0; Windows NT 5.0)" resolveurl="yes">
<cfloop from="1" to="#arrayLen(cookies)#" index="x">
<cfhttpparam type="cookie" name="#ListFirst(cookies[x],'=')#"
value="#ListRest(cookies[x],'=')#">
</cfloop>
</cfhttp>


<cfoutput>
#cfhttp.FileContent#
</cfoutput>

Ian Skinner

unread,
Jul 20, 2007, 4:49:57 PM7/20/07
to
Can I set a cookie from within my domain for another domain using cfcookie?

NOPE! This would be directly against the security model of the cookie
specification. A browser will only set cookies for the domain which is
requesting the cookie. If you could set cookies for other domains just
imagine the havoc you could create.

Cookies can be set to share across common sub-domains of the same parent
domain, but that is it.

Mr Black

unread,
Jul 21, 2007, 8:41:11 PM7/21/07
to
Your code should work, if you correctly grab and set all cookies, and if there
were not other cookies set on the previous page (the one you use to login).
Your second CFHTTP uses POST without a body. This may cause a problem. Try
GET instead.

Also, there could be a redirect from the first page (common practice), which
also sets cookies. You, obviously, don't see this and, therefore, don't set
those cookies, if this takes place. If so, you need to disable redirects and
handle it on your own.

However, there is another problem. Even, if you login successfully and
correctly collect all necessary cookies for a session, your users will not be
able to upload files directly to that Web-site (already mentioned domain
cookies problem). So, in order to implement what you want, you will have to
upload those files on your own server first, and after that upload them on the
other Web-site. This could be absolutely unacceptable, if files are large.


0 new messages