Using wininet with cookies

bithub · 06-01-2006, 06:41 PM

I am trying to use wininet to do successful HTTP requests to a server running webmin.

If I type the following into a browser's address bar:

Code:

https://192.168.1.11:10000/session_login.cgi?user=root&pass=private

Then it works just fine.

When I send a HttpOpenRequest:

Code:

hReq = HttpOpenRequest(hSession, NULL, "/session_login.cgi?user=root&pass=private","HTTP/1.1",NULL,(const char**)media, 
     INTERNET_FLAG_SECURE | INTERNET_FLAG_IGNORE_CERT_DATE_INVALID |INTERNET_FLAG_IGNORE_CERT_CN_INVALID | 
     INTERNET_FLAG_KEEP_CONNECTION | INTERNET_FLAG_RELOAD | INTERNET_FLAG_NO_UI | 
     INTERNET_FLAG_PRAGMA_NOCACHE | INTERNET_FLAG_NO_CACHE_WRITE ,0);

I get back:
<h1>Error - No cookies</h1>
<pre>Your browser does not support cookies, which are required for this web server to work in session authentication mode</pre>

I always thought that wininet handled cookies for you, but maybe I was wrong. Anyone else have any expertise here?

kryptkat · 06-01-2006, 09:09 PM

server offline

Quote:

Pinging 192.168.1.11 with 32 bytes of data:

Request timed out.
Request timed out.
Request timed out.
Request timed out.

bithub · 06-01-2006, 09:11 PM

You wont be able to ping that IP since it's a LAN address.

anonytmouse · 06-01-2006, 10:00 PM

I'd fire up Ethereal and see what the difference is between the request sent by the web browser and the request sent by WinINet (actually, I'm not sure if Ethereal works with SSL, so this idea might be out). Could it be that the session_login.cgi script expects a cookie to be already set?

bithub · 06-01-2006, 10:10 PM

I already tried using Ethereal, but there was 94 TCP packets sent in just the initial request. I don't know enough about the SSL protocol to decipher which packets have to do with the HTTP exchange, and which ones are part of the SSL certificate exchange.

I don't think the session_login.cgi script expects a cookie to already be sent, because when I use the URL directly in the browser, it accesses the page successfully.

The only thing I can really think of doing right now is using Ethereal to view the initial HTTP GET request (Ethereal can decode SLL). I just need to sift through all the garbage to find the right packet. I guess I'll give that a try at work tomorrow.

06-01-2006, 06:41 PM	#1
bithub Registered User Join Date: Sep 2004 Location: California Posts: 3,020	Using wininet with cookies I am trying to use wininet to do successful HTTP requests to a server running webmin. If I type the following into a browser's address bar: Code: https://192.168.1.11:10000/session_login.cgi?user=root&pass=private Then it works just fine. When I send a HttpOpenRequest: Code: hReq = HttpOpenRequest(hSession, NULL, "/session_login.cgi?user=root&pass=private","HTTP/1.1",NULL,(const char**)media, INTERNET_FLAG_SECURE \| INTERNET_FLAG_IGNORE_CERT_DATE_INVALID \|INTERNET_FLAG_IGNORE_CERT_CN_INVALID \| INTERNET_FLAG_KEEP_CONNECTION \| INTERNET_FLAG_RELOAD \| INTERNET_FLAG_NO_UI \| INTERNET_FLAG_PRAGMA_NOCACHE \| INTERNET_FLAG_NO_CACHE_WRITE ,0); I get back: <h1>Error - No cookies</h1> <pre>Your browser does not support cookies, which are required for this web server to work in session authentication mode</pre> I always thought that wininet handled cookies for you, but maybe I was wrong. Anyone else have any expertise here?
bithub is offline

06-01-2006, 09:11 PM	#3
bithub Registered User Join Date: Sep 2004 Location: California Posts: 3,020	You wont be able to ping that IP since it's a LAN address.
bithub is offline

06-01-2006, 10:00 PM	#4
anonytmouse Yes, my avatar is stolen Join Date: Dec 2002 Posts: 2,544	I'd fire up Ethereal and see what the difference is between the request sent by the web browser and the request sent by WinINet (actually, I'm not sure if Ethereal works with SSL, so this idea might be out). Could it be that the session_login.cgi script expects a cookie to be already set?
anonytmouse is offline

06-01-2006, 10:10 PM	#5
bithub Registered User Join Date: Sep 2004 Location: California Posts: 3,020	I already tried using Ethereal, but there was 94 TCP packets sent in just the initial request. I don't know enough about the SSL protocol to decipher which packets have to do with the HTTP exchange, and which ones are part of the SSL certificate exchange. I don't think the session_login.cgi script expects a cookie to already be sent, because when I use the URL directly in the browser, it accesses the page successfully. The only thing I can really think of doing right now is using Ethereal to view the initial HTTP GET request (Ethereal can decode SLL). I just need to sift through all the garbage to find the right packet. I guess I'll give that a try at work tomorrow.
bithub is offline

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
Firefox is not retaining cookies after the session is closed.	SlyMaelstrom	Tech Board	5	11-16-2008 10:29 PM
First party tracking cookies Meow!	kryptkat	Tech Board	13	08-12-2006 06:29 PM
IE Cookies (HUGE Problems, absolutely not minor)	civix	Tech Board	13	08-18-2003 07:42 AM
Math Test Problem Disagreement	orbitz	A Brief History of Cprogramming.com	29	02-28-2003 04:27 PM
Cookies	Witch_King	A Brief History of Cprogramming.com	4	09-23-2001 12:50 AM