- HTTP Cookies
+Updated: July 3, 2012 (http://curl.haxx.se/docs/http-cookies.html)
+ _ _ ____ _
+ ___| | | | _ \| |
+ / __| | | | |_) | |
+ | (__| |_| | _ <| |___
+ \___|\___/|_| \_\_____|
-Overview
-========
-HTTP cookies are pieces of 'name=contents' snippets that a server tells the
-client to hold and then the client sends back those the server on subsequent
-requests to the same domains/paths for which the cookies were set.
+HTTP Cookies
-Cookies are either "session cookies" which typically are forgotten when the
-session is over which is often translated to equal when browser quits, or the
-cookies aren't session cookies they have expiration dates after which the
-client will throw them away.
+ 1. HTTP Cookies
+ 1.1 Cookie overview
+ 1.2 Cookies saved to disk
+ 1.3 Cookies with curl the command line tool
+ 1.4 Cookies with libcurl
+ 1.5 Cookies with javascript
-Cookies are set to the client with the Set-Cookie: header and are sent to
-servers with the Cookie: header.
+==============================================================================
-For a very long time, the only spec explaining how to use cookies was the
-original Netscape spec from 1994: http://curl.haxx.se/rfc/cookie_spec.html
+1. HTTP Cookies
-In 2011, RFC6265 (http://www.ietf.org/rfc/rfc6265.txt) was finally published
-and details how cookies work within HTTP.
+ 1.1 Cookie overview
-cookies saved to disk
-=====================
+ HTTP cookies are pieces of 'name=contents' snippets that a server tells the
+ client to hold and then the client sends back those the server on subsequent
+ requests to the same domains/paths for which the cookies were set.
-Netscape once created a file format for storing cookies on disk so that they
-would survive browser restarts. curl adopted that file format to allow sharing
-the cookies with browsers, only to see browsers move away from that
-format. Modern browsers no longer use it, while curl still does.
+ Cookies are either "session cookies" which typically are forgotten when the
+ session is over which is often translated to equal when browser quits, or
+ the cookies aren't session cookies they have expiration dates after which
+ the client will throw them away.
-The cookie file format stores one cookie per physical line in the file with a
-bunch of associated meta data, each field separated with TAB. That file is
-called the cookiejar in curl terminology.
+ Cookies are set to the client with the Set-Cookie: header and are sent to
+ servers with the Cookie: header.
-cookies with curl the command line tool
-=======================================
+ For a very long time, the only spec explaining how to use cookies was the
+ original Netscape spec from 1994: http://curl.haxx.se/rfc/cookie_spec.html
-curl has a full cookie "engine" built in. If you just activate it, you can
-have curl receive and send cookies exactly as mandated in the specs.
+ In 2011, RFC6265 (http://www.ietf.org/rfc/rfc6265.txt) was finally published
+ and details how cookies work within HTTP.
-Command line options:
+ 1.2 Cookies saved to disk
+
+ Netscape once created a file format for storing cookies on disk so that they
+ would survive browser restarts. curl adopted that file format to allow
+ sharing the cookies with browsers, only to see browsers move away from that
+ format. Modern browsers no longer use it, while curl still does.
+
+ The netscape cookie file format stores one cookie per physical line in the
+ file with a bunch of associated meta data, each field separated with
+ TAB. That file is called the cookiejar in curl terminology.
+
+ When libcurl saves a cookiejar, it creates a file header of its own in which
+ there is a URL mention that will link to the web version of this document.
+
+ 1.3 Cookies with curl the command line tool
+
+ curl has a full cookie "engine" built in. If you just activate it, you can
+ have curl receive and send cookies exactly as mandated in the specs.
+
+ Command line options:
-b, --cookie
tell curl to start the cookie engine and write cookies to the given file
after the request(s)
-cookies with libcurl
-====================
+ 1.4 Cookies with libcurl
-libcurl options:
+ libcurl offers several ways to enable and interface the cookie engine. These
+ options are the ones provided by the native API. libcurl bindings may offer
+ access to them using other means.
CURLOPT_COOKIE
Extract cookie information from the internal cookie storage as a linked
list.
-cookies with javascript
-=======================
+ 1.5 Cookies with javascript
-These days a lot of the web is built up by javascript. The webbrowser loads
-complete programs that render the page you see. These javascript programs can
-also set and access cookies.
+ These days a lot of the web is built up by javascript. The webbrowser loads
+ complete programs that render the page you see. These javascript programs
+ can also set and access cookies.
-Since curl and libcurl are plain HTTP clients without any knowledge of or
-capability to handle javascript, such cookies will not be detected or used.
+ Since curl and libcurl are plain HTTP clients without any knowledge of or
+ capability to handle javascript, such cookies will not be detected or used.
-Often, if you want to mimic what a browser does on such web sites, you can
-record web browser HTTP traffic when using such a site and then repeat the
-cookie operations using curl or libcurl.
+ Often, if you want to mimic what a browser does on such web sites, you can
+ record web browser HTTP traffic when using such a site and then repeat the
+ cookie operations using curl or libcurl.
projects / platform / upstream / curl.git / blobdiff