I read that sending cookies with cURL works, but not for me.

I have a REST endpoint like this:

class LoginResource(restful.Resource): def get(self): print(session) if 'USER_TOKEN' in session: return 'OK' return 'not authorized', 401 

When I try to access the endpoint, it refuses:

curl -v -b ~/Downloads/cookies.txt -c ~/Downloads/cookies.txt * About to connect() to 127.0.0.1 port 5000 (#0) * Trying 127.0.0.1... * connected * Connected to 127.0.0.1 (127.0.0.1) port 5000 (#0) > GET / HTTP/1.1 > User-Agent: curl/7.27.0 > Host: 127.0.0.1:5000 > Accept: */* > * HTTP 1.0, assume close after body < HTTP/1.0 401 UNAUTHORIZED < Content-Type: application/json < Content-Length: 16 < Server: Werkzeug/0.8.3 Python/2.7.2 < Date: Sun, 14 Apr 2013 04:45:45 GMT < * Closing connection #0 "not authorized"% 

Where my ~/Downloads/cookies.txt is:

cat ~/Downloads/cookies.txt USER_TOKEN=in 

and the server receives nothing:

127.0.0.1 - - [13/Apr/2013 21:43:52] "GET / HTTP/1.1" 401 - 127.0.0.1 - - [13/Apr/2013 21:45:30] "GET / HTTP/1.1" 401 - <SecureCookieSession {}> <SecureCookieSession {}> 127.0.0.1 - - [13/Apr/2013 21:45:45] "GET / HTTP/1.1" 401 - 

What is it that I am missing?

4

7 Answers

This worked for me:

curl -v --cookie "USER_TOKEN=Yes" 

I could see the value in backend using

print(request.cookies) 
4

You can refer to for a complete tutorial of how to work with cookies. You can use

curl -c /path/to/cookiefile 

to write to a cookie file and start engine and to use cookie you can use

curl -b /path/to/cookiefile 

to read cookies from and start the cookie engine, or if it isn't a file it will pass on the given string.

3

You are using a wrong format in your cookie file. As curl documentation states, it uses an old Netscape cookie file format, which is different from the format used by web browsers. If you need to create a curl cookie file manually, this post should help you. In your example the file should contain following line

127.0.0.1 FALSE / FALSE 0 USER_TOKEN in 

having 7 TAB-separated fields meaning domain, tailmatch, path, secure, expires, name, value.

2

curl -H @<header_file> <host>

Since curl 7.55 headers from file are supported with @<file>

echo 'Cookie: USER_TOKEN=Yes' > /tmp/cookie

curl -H @/tmp/cookie <host>

docs & commit

If you have made that request in your application already, and see it logged in Google Dev Tools, you can use the copy cURL command from the context menu when right-clicking on the request in the network tab. Copy -> Copy as cURL. It will contain all headers, cookies, etc..

1

I'm using Debian, and I was unable to use tilde for the path. Originally I was using

curl -c "~/cookie" -d username=myname password=mypassword 

I had to change this to:

curl -c "/tmp/cookie" -d username=myname password=mypassword 

-c creates the cookie, -b uses the cookie

so then I'd use for instance:

curl -b "/tmp/cookie" 
1

I am using GitBash on Windows and nothing I found worked for me.

So I settled with saving my cookie to a file named .session and used cat to read from it like so:

curl -b $(cat .session) 

And if you are curious my cookie looks like this:

session=abc123 

Your Answer

Sign up or log in

Sign up using Google Sign up using Facebook Sign up using Email and Password

Post as a guest

By clicking “Post Your Answer”, you agree to our terms of service, privacy policy and cookie policy