Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Support persisting cookies from multiple domains #314

Merged
merged 30 commits into from
Sep 10, 2023

Conversation

ducaale
Copy link
Owner

@ducaale ducaale commented May 29, 2023

This can be useful when reusing anonymous sessions for multiple domains or when cookies are set as users are redirected from one domain to another.

Before:

{
  "__meta__": { "about": "xh session file", "xh": "0.0.0" },
  "auth": { "type": null, "raw_auth": null },
  "cookies": {
    "lang": { "value": "en" }
  },
  "headers": []
}

After:

{
  "__meta__": { "about": "xh session file", "xh": "0.0.0" },
  "auth": { "type": null, "raw_auth": null },
  "cookies": [
    { "name": "lang", "value": "en", "domain": "example.com" },
    { "name": "lang", "value": "ar", "domain": "example.org" }
  ],
  "headers": []
}

Resolves #244

@ducaale ducaale force-pushed the cookies-as-list-in-session branch from 8ed83f9 to f5a8833 Compare June 10, 2023 14:03
@ducaale ducaale force-pushed the session-duplicate-header-keys branch from 48e1b62 to d3b0ae7 Compare June 10, 2023 14:14
@ducaale ducaale force-pushed the cookies-as-list-in-session branch from f5a8833 to e4a84bc Compare June 10, 2023 14:15
src/session.rs Outdated Show resolved Hide resolved
Base automatically changed from session-duplicate-header-keys to master June 17, 2023 22:04
@ducaale ducaale marked this pull request as ready for review June 18, 2023 22:06
src/main.rs Outdated Show resolved Hide resolved
src/main.rs Outdated Show resolved Hide resolved
@ducaale ducaale requested a review from blyxxyz June 20, 2023 19:32
Copy link
Collaborator

@blyxxyz blyxxyz left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Haven't done a functional test yet but the code looks good!

src/session.rs Outdated Show resolved Hide resolved
src/session.rs Show resolved Hide resolved
src/main.rs Outdated Show resolved Hide resolved
@blyxxyz blyxxyz self-requested a review August 5, 2023 10:41
Copy link
Collaborator

@blyxxyz blyxxyz left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

For https://www.youtube.com, HTTPie stores the cookies under the domain .youtube.com rather than youtube.com. (Cookies for https://www.wikipedia.org do end up under wikipedia.org.)

I haven't read the spec but I assume these have different meanings that we need to keep?

(Reusing an xh session file in HTTPie causes one of the three YouTube cookies to be stored twice, once with the dot and once without. Then HTTPie will also send it twice, but xh only once.)

src/session.rs Outdated Show resolved Hide resolved
@ducaale
Copy link
Owner Author

ducaale commented Aug 12, 2023

The cookie crate is where the leading dot is removed from the domain. See rwf2/cookie-rs#73

I was initially tempted to declare it as an HTTPie bug, but the behaviour is consistent with Requests' cookie jar

Python 3.10.12 (main, Jun 11 2023, 05:26:28) [GCC 11.4.0] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> import requests
>>> import http.cookies
>>>
>>> cookie_jar = requests.cookies.RequestsCookieJar()
>>> cookie_jar.update(http.cookies.SimpleCookie('hello=world; Path=/; HttpOnly; Secure; Domain=example.com;'))
>>> cookie_jar.update(http.cookies.SimpleCookie('hello=world; Path=/; HttpOnly; Secure; Domain=.example.com;'))
>>> cookie_jar
<RequestsCookieJar[Cookie(version=0, name='hello', value='world', port=None, port_specified=False, domain='.example.com', domain_specified=True, domain_initial_dot=True, path='/', path_specified=True, secure=True, expires=None, discard=False, comment='', comment_url=False, rest={'HttpOnly': True}, rfc2109=False), Cookie(version=0, name='hello', value='world', port=None, port_specified=False, domain='example.com', domain_specified=True, domain_initial_dot=False, path='/', path_specified=True, secure=True, expires=None, discard=False, comment='', comment_url=False, rest={'HttpOnly': True}, rfc2109=False)]>

@blyxxyz
Copy link
Collaborator

blyxxyz commented Aug 15, 2023

Hmmm. Both Firefox and Chromium seem to remember (in the dev tools and in the cookies sqlite db) whether there was a leading dot, even if they presumably ignore it in the end.

Is there an easy way for us to remember it too?

@ducaale
Copy link
Owner Author

ducaale commented Aug 15, 2023

I can't think of a way that doesn't involve forking cookie-rs and cookie-store.

A somewhat random question; do you go with git-rebase or git-merge when bringing changes back from master to a feature branch?

@blyxxyz
Copy link
Collaborator

blyxxyz commented Aug 16, 2023

Yeah, I don't see a way either. Let's leave this as it is.

I think it'd be good to document this divergence from HTTPie somewhere, though it's too obscure to go in the README. ("Formatted output is always UTF-8" also doesn't really belong there I think, it needs a longer explanation to clarify what it even means.) Maybe a separate markdown file?

do you go with git-rebase or git-merge when bringing changes back from master to a feature branch?

I usually don't rebase if I already made a PR or if I touched code/logic that changed in master. Otherwise things can get messy.

@ducaale
Copy link
Owner Author

ducaale commented Aug 16, 2023

I think it'd be good to document this divergence from HTTPie somewhere, though it's too obscure to go in the README. ("Formatted output is always UTF-8" also doesn't really belong there I think, it needs a longer explanation to clarify what it even means.) Maybe a separate markdown file?

Shall we track it as an issue for now? I have now documented couple of existing differences in #322

@blyxxyz blyxxyz self-requested a review September 9, 2023 21:38
@ducaale ducaale merged commit 5faa662 into master Sep 10, 2023
8 checks passed
@ducaale ducaale deleted the cookies-as-list-in-session branch September 10, 2023 20:47
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Revisit how cookies are handled when using anonymous sessions
2 participants