Re: bug storing cookies with wget

2007-06-03 Thread Matthias Vill
Matthias Vill schrieb:
> Mario Ander schrieb:
>> Hi everybody,
>>
>> I think there is a bug storing cookies with wget.
>>
>> See this command line:
>>
>> "C:\Programme\wget\wget" --user-agent="Opera/8.5 (X11;
>> U; en)" --no-check-certificate --keep-session-cookies
>> --save-cookies="cookie.txt" --output-document=-
>> --debug --output-file="debug.txt"
>> --post-data="name=xxx&password=&dummy=Internetkennwort&login.x=0&login.y=0"
>> "https://www.vodafone.de/proxy42/portal/login.po";
> [..]
>> Set-Cookie:
>> JSESSIONID=GgvG9LMyqLdpQKy11QLHdvN2QGgQrCGC9LsXSh42gkQrdbDnTGVQ!-249032648!NONE;
>> path=/jsp 
>> Set-Cookie: VODAFONELOGIN=1; domain=.vodafone.de;
>> expires=Friday, 01-Jun-2007 15:05:16 GMT; path=/ 
>> Set-Cookie:
>> JSESSIONID=GgvG9LMyqLdpQKy11QLHdvN2QGgQrCGC9LsXSh42gkQrdbDnTGVQ!-249032648!NONE!1180705316338;
>> path=/proxy42
> [..]
>> ---response end---
>> 200 OK
>> Attempt to fake the path: /jsp,
>> /proxy42/portal/login.po
> 
> So the problem seems to be that wget rejects cookies for paths which
> don't "fit" to the request url. Like the script you call is in
> /proxy42/portal/, which is a subdir of /proxy42 an / so wget accepts
> those cookies, but wich is not related to /jsp
> 
> So it seems to be wget sticking to the strict RFC and the script doing
> wrong.
> To get this working you would need to patch wget for not RFC-compliant
> cookies maybe along with an "--accept-malformed-cookies" directiv.
> 
> Hope this helps you
> 
> Matthias
> 

So I thought of a second solution: If you have cygwin (or at least
bash+grep) you can run this small script to dublicate and truncate the
cookie.
--- CUT here ---
#!/bin/bash
#Author: Matthias Vill; feel free to change and use

#get the line for proxy42-path in $temp
temp=$(grep proxy42 cookies.txt)

#remove everything after last !
temp=${temp%!*}

#replace proxy42 by jsp
temp=${temp/proxy42/jsp}

#append newline to file
#echo >>cookies.txt

#add new cookie to cookies.txt
echo $temp>>cookies.txt
--- CUT here ---
Maybe you need to remove the "#" in front of "echo >>cookies.txt" to
compensate a missing trailing newline; otherwise you may end up changing
the value of the previous cookie.

Maybe this helps even more

Matthias


Re: bug storing cookies with wget

2007-06-03 Thread Matthias Vill
Mario Ander schrieb:
> Hi everybody,
> 
> I think there is a bug storing cookies with wget.
> 
> See this command line:
> 
> "C:\Programme\wget\wget" --user-agent="Opera/8.5 (X11;
> U; en)" --no-check-certificate --keep-session-cookies
> --save-cookies="cookie.txt" --output-document=-
> --debug --output-file="debug.txt"
> --post-data="name=xxx&password=&dummy=Internetkennwort&login.x=0&login.y=0"
> "https://www.vodafone.de/proxy42/portal/login.po";
[..]
> Set-Cookie:
> JSESSIONID=GgvG9LMyqLdpQKy11QLHdvN2QGgQrCGC9LsXSh42gkQrdbDnTGVQ!-249032648!NONE;
> path=/jsp 
> Set-Cookie: VODAFONELOGIN=1; domain=.vodafone.de;
> expires=Friday, 01-Jun-2007 15:05:16 GMT; path=/ 
> Set-Cookie:
> JSESSIONID=GgvG9LMyqLdpQKy11QLHdvN2QGgQrCGC9LsXSh42gkQrdbDnTGVQ!-249032648!NONE!1180705316338;
> path=/proxy42
[..]
> ---response end---
> 200 OK
> Attempt to fake the path: /jsp,
> /proxy42/portal/login.po

So the problem seems to be that wget rejects cookies for paths which
don't "fit" to the request url. Like the script you call is in
/proxy42/portal/, which is a subdir of /proxy42 an / so wget accepts
those cookies, but wich is not related to /jsp

So it seems to be wget sticking to the strict RFC and the script doing
wrong.
To get this working you would need to patch wget for not RFC-compliant
cookies maybe along with an "--accept-malformed-cookies" directiv.

Hope this helps you

Matthias


bug storing cookies with wget

2007-06-01 Thread Mario Ander
Hi everybody,

I think there is a bug storing cookies with wget.

See this command line:

"C:\Programme\wget\wget" --user-agent="Opera/8.5 (X11;
U; en)" --no-check-certificate --keep-session-cookies
--save-cookies="cookie.txt" --output-document=-
--debug --output-file="debug.txt"
--post-data="name=xxx&password=&dummy=Internetkennwort&login.x=0&login.y=0"
"https://www.vodafone.de/proxy42/portal/login.po";



wget answer this way:



DEBUG output created by Wget 1.10.2 on Windows.

--15:41:58-- 
https://www.vodafone.de/proxy42/portal/login.po
   => `-'
Resolving www.vodafone.de... seconds 0.00,
139.7.147.41
Caching www.vodafone.de => 139.7.147.41
Connecting to www.vodafone.de|139.7.147.41|:443...
seconds 0.00, connected.
Created socket 1844.
Releasing 0x003a5a90 (new refcount 1).
Initiating SSL handshake.
Handshake successful; connected socket 1844 to SSL
handle 0x00931758
certificate:
  subject: /C=DE/ST=NRW/L=Duesseldorf/O=Vodafone D2
GmbH/OU=TOP-A/OU=Terms of use at www.verisign.com/rpa
(c)00/CN=www.vodafone.de
  issuer:  /O=VeriSign Trust Network/OU=VeriSign,
Inc./OU=VeriSign International Server CA - Class
3/OU=www.verisign.com/CPS Incorp.by Ref. LIABILITY
LTD.(c)97 VeriSign
WARNING: Certificate verification error for
www.vodafone.de: unable to get local issuer
certificate

---request begin---
POST /proxy42/portal/login.po HTTP/1.0 
User-Agent: Opera/8.5 (X11; U; en) 
Accept: */* 
Host: www.vodafone.de 
Connection: Keep-Alive 
Content-Type: application/x-www-form-urlencoded 
Content-Length: 77 
 
---request end---
[POST data:
name=xxx&password=&dummy=Internetkennwort&login.x=0&login.y=0]
HTTP request sent, awaiting response... 
---response begin---
HTTP/1.1 200 OK 
Date: Fri, 01 Jun 2007 13:41:56 GMT 
Server: Apache 
Pragma: No-cache 
Expires: Thu, 01 Jan 1970 00:00:00 GMT 
Set-Cookie:
JSESSIONID=GgvG9LMyqLdpQKy11QLHdvN2QGgQrCGC9LsXSh42gkQrdbDnTGVQ!-249032648!NONE;
path=/jsp 
Set-Cookie: VODAFONELOGIN=1; domain=.vodafone.de;
expires=Friday, 01-Jun-2007 15:05:16 GMT; path=/ 
Set-Cookie:
JSESSIONID=GgvG9LMyqLdpQKy11QLHdvN2QGgQrCGC9LsXSh42gkQrdbDnTGVQ!-249032648!NONE!1180705316338;
path=/proxy42 
Cache-Control: no-cache,no-store,max-age=0 
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"

Connection: close 
Content-Type: text/html; charset=ISO-8859-1 
Via: 1.1 www.vodafone.de (Alteon iSD-SSL/6.0.5) 
 
---response end---
200 OK
Attempt to fake the path: /jsp,
/proxy42/portal/login.po
cdm: 1 2 3 4 5 6 7 8
Stored cookie vodafone.de -1 (ANY) / 
 [expiry 2007-06-01 17:05:16] VODAFONELOGIN
1

Stored cookie www.vodafone.de -1 (ANY) /proxy42
  [expiry none] JSESSIONID
GgvG9LMyqLdpQKy11QLHdvN2QGgQrCGC9LsXSh42gkQrdbDnTGVQ!-249032648!NONE!1180705316338
Length: unspecified [text/html]

0K .. .. .. ...   
338.67 KB/s

Closed 1844/SSL 0x931758
15:41:58 (338.67 KB/s) - `-' saved [34644]

Saving cookies to cookie.txt.
Done saving cookies.




The cookie.txt looks this way:



# HTTP cookie file.
# Generated by Wget on 2007-06-01 15:33:23.
# Edit at your own risk.

www.vodafone.de FALSE   /proxy42FALSE   0   JSESSIONID
GggBMfxV9vGqGwtyQGJFXsyCr6vQvGSh9KGgDt7xgLycdc5MTQps!1467361027!NONE!1180704801023
.vodafone.deTRUE/   FALSE   1180709801  VODAFONELOGIN   1



and should look like this (but does not):


# HTTP cookie file.
# Generated by Wget on 2007-06-01 15:47:31.
# Edit at your own risk.

www.vodafone.de FALSE   /proxy42FALSE   0   JSESSIONID
GgjRT1NTfspwH1cJCVPlGv37c4JKgkTDPYJNsTM2l1RJG0CJQ8Rp!-249032648!NONE!1180705649205
www.vodafone.de FALSE   /jspFALSE   0   JSESSIONID
GgjRT1NTfspwH1cJCVPlGv37c4JKgkTDPYJNsTM2l1RJG0CJQ8Rp!-249032648!NONE
.vodafone.deTRUE/   FALSE   1180710649  VODAFONELOGIN   1


ThatÂ’s all.
Bye.




   

Boardwalk for $500? In 2007? Ha! Play Monopoly Here and Now (it's updated for 
today's economy) at Yahoo! Games.
http://get.games.yahoo.com/proddesc?gamekey=monopolyherenow