How to use cURL to send Cookies?
RestSessionCurlFlaskSession CookiesRest Problem Overview
I read that sending cookies with cURL works, but not for me.
I have a REST endpoint like this:
class LoginResource(restful.Resource):
def get(self):
print(session)
if 'USER_TOKEN' in session:
return 'OK'
return 'not authorized', 401
When I try to access the endpoint, it refuses:
curl -v -b ~/Downloads/cookies.txt -c ~/Downloads/cookies.txt http://127.0.0.1:5000/
* About to connect() to 127.0.0.1 port 5000 (#0)
* Trying 127.0.0.1...
* connected
* Connected to 127.0.0.1 (127.0.0.1) port 5000 (#0)
> GET / HTTP/1.1
> User-Agent: curl/7.27.0
> Host: 127.0.0.1:5000
> Accept: */*
>
* HTTP 1.0, assume close after body
< HTTP/1.0 401 UNAUTHORIZED
< Content-Type: application/json
< Content-Length: 16
< Server: Werkzeug/0.8.3 Python/2.7.2
< Date: Sun, 14 Apr 2013 04:45:45 GMT
<
* Closing connection #0
"not authorized"%
Where my ~/Downloads/cookies.txt
is:
cat ~/Downloads/cookies.txt
USER_TOKEN=in
and the server receives nothing:
127.0.0.1 - - [13/Apr/2013 21:43:52] "GET / HTTP/1.1" 401 -
127.0.0.1 - - [13/Apr/2013 21:45:30] "GET / HTTP/1.1" 401 -
<SecureCookieSession {}>
<SecureCookieSession {}>
127.0.0.1 - - [13/Apr/2013 21:45:45] "GET / HTTP/1.1" 401 -
What is it that I am missing?
Rest Solutions
Solution 1 - Rest
This worked for me:
curl -v --cookie "USER_TOKEN=Yes" http://127.0.0.1:5000/
I could see the value in backend using
print(request.cookies)
Solution 2 - Rest
You can refer to https://curl.haxx.se/docs/http-cookies.html for a complete tutorial of how to work with cookies. You can use
curl -c /path/to/cookiefile http://yourhost/
to write to a cookie file and start engine and to use cookie you can use
curl -b /path/to/cookiefile http://yourhost/
to read cookies from and start the cookie engine, or if it isn't a file it will pass on the given string.
Solution 3 - Rest
You are using a wrong format in your cookie file. As curl documentation states, it uses an old Netscape cookie file format, which is different from the format used by web browsers. If you need to create a curl cookie file manually, this post should help you. In your example the file should contain following line
127.0.0.1 FALSE / FALSE 0 USER_TOKEN in
having 7 TAB-separated fields meaning domain, tailmatch, path, secure, expires, name, value.
Solution 4 - Rest
If you have made that request in your application already, and see it logged in Google Dev Tools, you can use the copy cURL command from the context menu when right-clicking on the request in the network tab. Copy -> Copy as cURL. It will contain all headers, cookies, etc..
Solution 5 - Rest
curl -H @<header_file> <host>
Since curl 7.55 headers from file are supported with @<file>
echo 'Cookie: USER_TOKEN=Yes' > /tmp/cookie
curl -H @/tmp/cookie <host>
Solution 6 - Rest
I'm using Debian, and I was unable to use tilde for the path. Originally I was using
curl -c "~/cookie" http://localhost:5000/login -d username=myname password=mypassword
I had to change this to:
curl -c "/tmp/cookie" http://localhost:5000/login -d username=myname password=mypassword
-c
creates the cookie, -b
uses the cookie
so then I'd use for instance:
curl -b "/tmp/cookie" http://localhost:5000/getData
Solution 7 - Rest
I am using GitBash on Windows and nothing I found worked for me.
So I settled with saving my cookie to a file named .session
and used cat to read from it like so:
curl -b $(cat .session) http://httpbin.org/cookies
And if you are curious my cookie looks like this:
session=abc123