I read that sending cookies with cURL works, but not for me.
I have a REST endpoint like this:
class LoginResource(restful.Resource): def get(self): print(session) if 'USER_TOKEN' in session: return 'OK' return 'not authorized', 401 When I try to access the endpoint, it refuses:
curl -v -b ~/Downloads/cookies.txt -c ~/Downloads/cookies.txt * About to connect() to 127.0.0.1 port 5000 (#0) * Trying 127.0.0.1... * connected * Connected to 127.0.0.1 (127.0.0.1) port 5000 (#0) > GET / HTTP/1.1 > User-Agent: curl/7.27.0 > Host: 127.0.0.1:5000 > Accept: */* > * HTTP 1.0, assume close after body < HTTP/1.0 401 UNAUTHORIZED < Content-Type: application/json < Content-Length: 16 < Server: Werkzeug/0.8.3 Python/2.7.2 < Date: Sun, 14 Apr 2013 04:45:45 GMT < * Closing connection #0 "not authorized"% Where my ~/Downloads/cookies.txt is:
cat ~/Downloads/cookies.txt USER_TOKEN=in and the server receives nothing:
127.0.0.1 - - [13/Apr/2013 21:43:52] "GET / HTTP/1.1" 401 - 127.0.0.1 - - [13/Apr/2013 21:45:30] "GET / HTTP/1.1" 401 - <SecureCookieSession {}> <SecureCookieSession {}> 127.0.0.1 - - [13/Apr/2013 21:45:45] "GET / HTTP/1.1" 401 - What is it that I am missing?
47 Answers
This worked for me:
curl -v --cookie "USER_TOKEN=Yes" I could see the value in backend using
print(request.cookies) 4You can refer to for a complete tutorial of how to work with cookies. You can use
curl -c /path/to/cookiefile to write to a cookie file and start engine and to use cookie you can use
curl -b /path/to/cookiefile to read cookies from and start the cookie engine, or if it isn't a file it will pass on the given string.
3You are using a wrong format in your cookie file. As curl documentation states, it uses an old Netscape cookie file format, which is different from the format used by web browsers. If you need to create a curl cookie file manually, this post should help you. In your example the file should contain following line
127.0.0.1 FALSE / FALSE 0 USER_TOKEN in having 7 TAB-separated fields meaning domain, tailmatch, path, secure, expires, name, value.
2curl -H @<header_file> <host>
Since curl 7.55 headers from file are supported with @<file>
echo 'Cookie: USER_TOKEN=Yes' > /tmp/cookie
curl -H @/tmp/cookie <host>
If you have made that request in your application already, and see it logged in Google Dev Tools, you can use the copy cURL command from the context menu when right-clicking on the request in the network tab. Copy -> Copy as cURL. It will contain all headers, cookies, etc..
1I'm using Debian, and I was unable to use tilde for the path. Originally I was using
curl -c "~/cookie" -d username=myname password=mypassword I had to change this to:
curl -c "/tmp/cookie" -d username=myname password=mypassword -c creates the cookie, -b uses the cookie
so then I'd use for instance:
curl -b "/tmp/cookie" 1I am using GitBash on Windows and nothing I found worked for me.
So I settled with saving my cookie to a file named .session and used cat to read from it like so:
curl -b $(cat .session) And if you are curious my cookie looks like this:
session=abc123