From: Gisle Aas [mailto:[EMAIL PROTECTED] > "Paul Marquess" <[EMAIL PROTECTED]> writes: > > > This is from UserAgent::request (LWP 5.76) where it is dealing with a > > redirect response > > > > # These headers should never be forwarded > > $referral->remove_header('Host', 'Cookie'); > > > > I've found that while writing a script to automate logging on to Yahoo > Web > > mail, I've needed to change this behaviour in a private copy of > > UserAgent::request to retain the Cookies. > > The reason the Cookie headers are removed is that they will be added > automatically again if the redirect goes to a place that requires > cookies. This happens even if the redirect goes to the same place as > the original request. > > > FYI, logging onto Yahoo involves > > dealing with a series of 302 responses. The first of these responses > (from > > http://login.yahoo.com), is a 302 that redirects back to itself - this > > response has a Set-Cookie header that is needed to be applied to the > > redirection request to continue with the login. > > That should just work. If it does not it is a bug. > > > Apart from the fact that this behaviour is being used in the wild, my > > reading of RFC 2109 is that this use of a Set-Cookie is ok because the > > domain attribute in the Cookie still refers to ".yahoo.com". > > Can you provide a trace of sequence of request/responses that are > exchanged and the content of the cookie_jar as this happens.
Sorry, false alarm. I retraced my steps and got a vanilla LWP to work without having to hack it at all. Very weird! Paul Ps found a HTTP Debugging Proxy called Fiddler that was very handy in working out the tricks that Yahoo used in their login sequence. Available at http://www.fiddlertool.com/fiddler/. Only works in conjunction with Internet Explorer though.