How do you print received cookie info to stdout with curl?

BashUnixCookiesCurl

Bash Problem Overview

How do you print received cookie info to stdout with curl?

According to the man pages if you use '-' as the file name for the -c --cookie-jar option it should print the cookie to stdout. The problem is I get an error:

curl: option -: is unknown

an example of the command I am running:

curl -c --cookie-jar - 'http://google.com'

Bash Solutions

Solution 1 - Bash

You get that error because you use in the wrong way that option. When you see in a man page an option like:

-c, --cookie-jar <file name>

this mean that if you want to use that option, you must to use -c OR --cookie-jar, never both! These two are equivalent and, in fact, -c is the abbreviated form for --cookie-jar. There are many, many options in man pages which are designed in the same way.

In your case:

curl -c - 'http://google.com'

--cookie-jar is given as argument for -c option, so, it's interpreted as a file name, not like an option (as you may think), and - remains alone which leads to error because curl, indeed, doesn't have such an option.

Solution 2 - Bash

Remove the "-c"

curl --cookie-jar - 'http://google.com'

Also you try verbose mode and see the cookie headers:

curl -v 'http://google.com'

Solution 3 - Bash

You need to use two options to get only the cookie text on stdout:

--cookie-jar <file name> from the man page:

> If you set the file name to a single dash, '-', the cookies will be written to stdout.

--output <file> from the man page:

> Write output to instead of stdout.

Set it to /dev/null to throw it away.

--silent is also helpful.

Putting it all together:

curl --silent --output /dev/null --cookie-jar - 'http://www.google.com/'

Output:

# Netscape HTTP Cookie File
# https://curl.haxx.se/docs/http-cookies.html
# This file was generated by libcurl! Edit at your own risk.

#HttpOnly_.google.com	TRUE	/	FALSE	1512524163	NID 105=DownH33BKZnCsWJeGvsIC5cKRi7CPT3K3QjfUB-4js5xGw6P_6svMqU1yKlKOEu4XwL_TdddZlcMITefFGOtCCyzJNhO_7E9UMNpbQHja40IAerYP5Bwj-FhY1m35mZdvkVSmrg1pZPvH96IkVVVVVVVV

My use case: Test that your website uses the HttpOnly cookie setting, per the OWASP recommendation:

curl --silent --output /dev/null --cookie-jar - 'http://www.google.com/' | grep HttpOnly

Solution 4 - Bash

You can save the cookies received and send them back to the server using the following commands:

  1. To get/save the cookies to file "/tmp/cookies.txt":

    curl -c /tmp/cookies.txt http://the.site.with.cookies/

  2. To send the cookies back to the server (again using file "/tmp/cookies.txt"):

    curl -b /tmp/cookies.txt http://the.site.with.cookies/

I hope it was useful.

[]s Ronaldo

Categories
Recommended Bash Solutions
Recommended Unix Solutions
Recommended Cookies Solutions
Recommended Curl Solutions

Previous Solution:

Linux shared memory: shmget() vs mmap()?

CLinuxPosixShared MemoryMmap

Next Solution:

Android download manager completed

AndroidAndroid Download-Manager

Attributions

All content for this solution is sourced from the original question on Stackoverflow.

The content on this page is licensed under the Attribution-ShareAlike 4.0 International (CC BY-SA 4.0) license.

Content TypeOriginal AuthorOriginal Content on Stackoverflow
QuestionBrian YehView Question on Stackoverflow
Solution 1 - BashRadu RădeanuView Answer on Stackoverflow
Solution 2 - BashMatías InsaurraldeView Answer on Stackoverflow
Solution 3 - BashgmoonView Answer on Stackoverflow
Solution 4 - BashRonaldo AfonsoView Answer on Stackoverflow