From: Gisle Aas [mailto:[EMAIL PROTECTED]
> "Paul Marquess" <[EMAIL PROTECTED]> writes:
> > This is from UserAgent::request (LWP 5.76) where it is dealing with a
> > redirect response
> >
> >     # These headers should never be forwarded
> >     $referral->remove_header('Host', 'Cookie');
> >
> > I've found that while writing a script to automate logging on to Yahoo
> Web
> > mail, I've needed to change this behaviour in a private copy of
> > UserAgent::request to retain the Cookies.
> The reason the Cookie headers are removed is that they will be added
> automatically again if the redirect goes to a place that requires
> cookies.  This happens even if the redirect goes to the same place as
> the original request.
> >                                        FYI, logging onto Yahoo involves
> > dealing with a series of 302 responses. The first of these responses
> (from
> >, is a 302 that redirects back to itself - this
> > response has a Set-Cookie header that is needed to be applied to the
> > redirection request to continue with the login.
> That should just work.  If it does not it is a bug.
> > Apart from the fact that this behaviour is being used in the wild, my
> > reading of RFC 2109 is that this use of a Set-Cookie is ok because the
> > domain attribute in the Cookie still refers to "".
> Can you provide a trace of sequence of request/responses that are
> exchanged and the content of the cookie_jar as this happens.

Sorry, false alarm. I retraced my steps and got a vanilla LWP to work
without having to hack it at all. Very weird!


Ps found a HTTP Debugging Proxy called Fiddler that was very handy in
working out the tricks that Yahoo used in their login sequence. Available at Only works in conjunction with Internet
Explorer though.

Reply via email to