Thread: Using wininet with cookies

  1. #1
    Registered User
    Join Date
    Sep 2004
    Location
    California
    Posts
    3,268

    Using wininet with cookies

    I am trying to use wininet to do successful HTTP requests to a server running webmin.

    If I type the following into a browser's address bar:
    Code:
    https://192.168.1.11:10000/session_login.cgi?user=root&pass=private
    Then it works just fine.

    When I send a HttpOpenRequest:
    Code:
    hReq = HttpOpenRequest(hSession, NULL, "/session_login.cgi?user=root&pass=private","HTTP/1.1",NULL,(const char**)media, 
         INTERNET_FLAG_SECURE | INTERNET_FLAG_IGNORE_CERT_DATE_INVALID |INTERNET_FLAG_IGNORE_CERT_CN_INVALID | 
         INTERNET_FLAG_KEEP_CONNECTION | INTERNET_FLAG_RELOAD | INTERNET_FLAG_NO_UI | 
         INTERNET_FLAG_PRAGMA_NOCACHE | INTERNET_FLAG_NO_CACHE_WRITE ,0);
    I get back:
    <h1>Error - No cookies</h1>
    <pre>Your browser does not support cookies, which are required for this web server to work in session authentication mode</pre>

    I always thought that wininet handled cookies for you, but maybe I was wrong. Anyone else have any expertise here?

  2. #2
    Registered User kryptkat's Avatar
    Join Date
    Dec 2002
    Posts
    638
    server offline

    Pinging 192.168.1.11 with 32 bytes of data:

    Request timed out.
    Request timed out.
    Request timed out.
    Request timed out.

  3. #3
    Registered User
    Join Date
    Sep 2004
    Location
    California
    Posts
    3,268
    You wont be able to ping that IP since it's a LAN address.

  4. #4
    Yes, my avatar is stolen anonytmouse's Avatar
    Join Date
    Dec 2002
    Posts
    2,544
    I'd fire up Ethereal and see what the difference is between the request sent by the web browser and the request sent by WinINet (actually, I'm not sure if Ethereal works with SSL, so this idea might be out). Could it be that the session_login.cgi script expects a cookie to be already set?

  5. #5
    Registered User
    Join Date
    Sep 2004
    Location
    California
    Posts
    3,268
    I already tried using Ethereal, but there was 94 TCP packets sent in just the initial request. I don't know enough about the SSL protocol to decipher which packets have to do with the HTTP exchange, and which ones are part of the SSL certificate exchange.

    I don't think the session_login.cgi script expects a cookie to already be sent, because when I use the URL directly in the browser, it accesses the page successfully.

    The only thing I can really think of doing right now is using Ethereal to view the initial HTTP GET request (Ethereal can decode SLL). I just need to sift through all the garbage to find the right packet. I guess I'll give that a try at work tomorrow.

Popular pages Recent additions subscribe to a feed

Similar Threads

  1. Replies: 5
    Last Post: 11-16-2008, 10:29 PM
  2. First party tracking cookies Meow!
    By kryptkat in forum Tech Board
    Replies: 13
    Last Post: 08-12-2006, 06:29 PM
  3. Replies: 13
    Last Post: 08-18-2003, 07:42 AM
  4. Math Test Problem Disagreement
    By orbitz in forum A Brief History of Cprogramming.com
    Replies: 29
    Last Post: 02-28-2003, 04:27 PM
  5. Cookies
    By Witch_King in forum A Brief History of Cprogramming.com
    Replies: 4
    Last Post: 09-23-2001, 12:50 AM