Add Cookie header with HttpAddRequestHeaders()?

1174 views
Skip to first unread message

William Fields

unread,
Apr 14, 2004, 8:11:27 PM4/14/04
to
Hello,

I need to add a Cookie header to my request that's being sent to the Server.

I tried using the HttpAddRequestHeaders and the HttpSendRequest APIs to add
this header but for some reason when I view the captured packets, I do not
find the "Cookie: " header in the request. I have been able to add other
headers, but not ones with "Cookie:" in them.

Any help would be appreciated.

Thanks.

--
William Fields
MCSD - Microsoft Visual FoxPro
MCP - Win2k Pro
US Bankruptcy Court
Phoenix, AZ

"Don't look back - we're not going that way."

- Terry Hunefeld

William Fields

unread,
Apr 15, 2004, 6:50:43 PM4/15/04
to
I opened an incident with MS support, and they came back with the following
suggestions to a workaround I was attempting to apply to the problem. I'm
also going to ask them to confirm ths same workaround when using
HttpSendRequest().
Bill

====================

PROBLEM:
You are trying to use the HttpAddRequestHeaders API to add a cookie header
and it's not adding the header.
Please let me know if you have anything to add to this symptom statement.

OTHER INFO:
You are trying to add a cookie header to your HTTP request using
HttpAddRequestHeaders function.
You can successfully add other request headers, but not a cookie header.

char * lpszHeaders = "Cookie: Key=somevalue";
DWORD dwHeadersLength = strlen(lpszHeaders);
HttpAddRequestHeaders(hOpenRequest, lpszHeaders, dwHeadersLength,
HTTP_ADDREQ_FLAG_ADD);

The api call succeeds with no errors, but the cookie is not added.
If you simply changes the string to be "MyCookie: KEY=somevalue" instead of
"Cookie: KEY=somevalue", things work!

We discussed using a different WinInet API – InternetSetCookie() to set the
cookie, but you were not certain if you will be able to use this.

I was able to put together a sample (attached) that shows how to set a
Cookie header using two methods:
1. Using HttpAddRequestHeaders(), which is what you have been trying to use.
While trying to set cookie using this method, I ran into the same behavior
that you mentioned – the API returns successfully, but there is no Cookie
added. I was able to determine that we need to specify
INTERNET_FLAG_NO_COOKIES in HttpOpenRequest for this method to work.
However, setting this option will prevent WinInet from adding its own cookie
header. Therefore you will be responsible for all cookie functionality for
your application - you will need to check each response for Cookies and set
them manually.

2. Using InternetSetCookie. This method requires you to specify the URL you
want to set the value for and is straight forward to use.
I looked at the javascript and request headers you sent to me, and it is
apparent that the only cookie being set is the one in the line
document.cookie="KEY=9509-28318-105886.552529401; path=/;";

This line does not specify a domain, and therefore it means the cookie is
set for the domain you made the request to, which in your case appears to be
ecf.azb.circ9.dcn. So, if you were to set a cookie using the
InternetSetCookie method, the URL you would probably use is
http://ecf.azb.circ9.dcn or perhaps http://ecf.azb.circ9.dcn/cgi-bin/

In this case, wininet would automatically send the cookie when you make a
request (HttpSendRequest) to the specified URL.


--
William Fields
MCSD - Microsoft Visual FoxPro
MCP - Win2k Pro
US Bankruptcy Court
Phoenix, AZ

"Don't look back - we're not going that way."

- Terry Hunefeld


"William Fields" <Bill_...@azb.uscourts.gov> wrote in message
news:uP4uz4nI...@TK2MSFTNGP12.phx.gbl...

visha...@gmail.com

unread,
Feb 2, 2016, 5:13:25 PM2/2/16
to
On Thursday, April 15, 2004 at 3:50:43 PM UTC-7, William Fields wrote:
> I opened an incident with MS support, and they came back with the following
> suggestions to a workaround I was attempting to apply to the problem. I'm
> also going to ask them to confirm ths same workaround when using
> HttpSendRequest().
> Bill
>
> ====================
>
> PROBLEM:
> You are trying to use the HttpAddRequestHeaders API to add a cookie header
> and it's not adding the header.
> Please let me know if you have anything to add to this symptom statement.
>
> OTHER INFO:
> You are trying to add a cookie header to your HTTP request using
> HttpAddRequestHeaders function.
> You can successfully add other request headers, but not a cookie header.
>
> char * lpszHeaders = "Cookie: Key=somevalue";
> DWORD dwHeadersLength = strlen(lpszHeaders);
> HttpAddRequestHeaders(hOpenRequest, lpszHeaders, dwHeadersLength,
> HTTP_ADDREQ_FLAG_ADD);
>
> The api call succeeds with no errors, but the cookie is not added.
> If you simply changes the string to be "MyCookie: KEY=somevalue" instead of
> "Cookie: KEY=somevalue", things work!
>
> We discussed using a different WinInet API - InternetSetCookie() to set the
> cookie, but you were not certain if you will be able to use this.
>
> I was able to put together a sample (attached) that shows how to set a
> Cookie header using two methods:
> 1. Using HttpAddRequestHeaders(), which is what you have been trying to use.
> While trying to set cookie using this method, I ran into the same behavior
> that you mentioned - the API returns successfully, but there is no Cookie
> "William Fields" <Bi...@azb.uscourts.gov> wrote in message
> news:uP4uz4nI...@TK2MSFTNGP12.phx.gbl...
> > Hello,
> >
> > I need to add a Cookie header to my request that's being sent to the
> Server.
> >
> > I tried using the HttpAddRequestHeaders and the HttpSendRequest APIs to
> add
> > this header but for some reason when I view the captured packets, I do not
> > find the "Cookie: " header in the request. I have been able to add other
> > headers, but not ones with "Cookie:" in them.
> >
> > Any help would be appreciated.
> >
> > Thanks.
> >
> > --
> > William Fields
> > MCSD - Microsoft Visual FoxPro
> > MCP - Win2k Pro
> > US Bankruptcy Court
> > Phoenix, AZ
> >
> > "Don't look back - we're not going that way."
> >
> > - Terry Hunefeld
> >
> >
> >

I can't thank you enough William for taking time to post your answer. This is the only definitive and correct answer I could find on google (there may be others, but they are certainly not showing up high enough in the search results).

I see a couple of stackoverflow questions on this topic with no good answers. I will link your answer there so more people can find this.
Reply all
Reply to author
Forward
0 new messages