New Message Search Latest Redo
West Wind Internet and Client Tools
wwhttp post specific header
Gravatar is a globally recognized avatar based on your email address. wwhttp post specific header
  Milos Bosnjak
  All
6PY0AOMJB
  Sep 26, 2023 @ 04:59am
Reply

Trying to post json on some web API, but this API expects field named "Cookie" sent in header.

I tried following wwhttp methods:

.post(), .httpget() and even .httpgetex() with tcHeaders parameter sent

Each method strips this header field because of its name. when I rename header to "Cookie2" header is sent to server.

ie **postman **does not strip this header named "Cookie"

I don't have possibility to change server side because it is some kind of public web API.

Can this be solved somehow?

Gravatar is a globally recognized avatar based on your email address. re: wwhttp post specific header
  Rick Strahl
  Milos Bosnjak
6PY0FIIOO
  Sep 26, 2023 @ 07:14am
Reply

Milos,

Ok, on first thought I thought this should just work, and I tried it and did get a cookie, but the wrong one, ha ha...

The problem is that WinInet automatically uses cookies that are set in the global Windows Http context, and applies them. So if you use your browser and go to a site that sets a cookie that cookie is cached in the Windows Edge/IE browser cache and then applied to the request.

When I ran a test request like this:

LOCAL loHttp as wwHttp
loHttp = CREATEOBJECT("wwhttp")
loHttp.AppendHeader("Cookie", "test=Rick")
loHttp.AppendHeader("x-custom","West Wind")
loHttp.nHTTPSERVICEFLAGS = INTERNET_FLAG_NO_COOKIES

lcHtml = loHttp.Get("https://west-wind.com/wconnect/testpage.wwd")
ShowHtml(lcHtml)

it produced the following:

Notice: A different cookie is set - not the one I actually set. This cookie comes from my Cookie cache from some browsing activity.

This is the default behavior of WinInet and wwHttp - it uses the default cookie context and it also automatically picks up cookies on requests and passes them on to the next request, using internal cookie caching.

This is the default behavior.

If you want to manually override the cookie behavior you have to explicitly opt out.

To do this use the INTERNET_FLAG_NO_COOKIES from wconnect.h like this:

#include wconnect.h
DO wwhttp

LOCAL loHttp as wwHttp
loHttp = CREATEOBJECT("wwhttp")
loHttp.AppendHeader("Cookie", "test=Rick")
loHttp.AppendHeader("x-custom","West Wind")

*** This disables the default cookie handling
loHttp.nHTTPSERVICEFLAGS = INTERNET_FLAG_NO_COOKIES

lcHtml = loHttp.Get("https://west-wind.com/wconnect/testpage.wwd")

Now the header is added and the default cookies are not applied.

+++ Rick ---

Gravatar is a globally recognized avatar based on your email address. re: wwhttp post specific header
  Rick Strahl
  Milos Bosnjak
6PY0HL8TB
  Sep 26, 2023 @ 08:12am
Reply

FWIW I've added a new topic on wwHttp Cookie handling:

that explains the how and why.

+++ Rick ---

Gravatar is a globally recognized avatar based on your email address. re: wwhttp post specific header
  Milos Bosnjak
  Rick Strahl
6PY1AKWLY
  Sep 26, 2023 @ 09:43pm
Reply

Thanks for the quick response, everything works as described.

Milos

© 1996-2025