urllib2 响应中的多个 Set-Cookie 标头

发布于 2024-08-25 16:48:41 字数 109 浏览 13 评论 0原文

我正在使用 urllib2 与发送回多个 Set-Cookie 标头的网站进行交互。然而,响应头字典仅包含一个 - 似乎重复的键相互覆盖。

有没有办法使用 urllib2 访问重复的标头?

I am using urllib2 to interact with a website that sends back multiple Set-Cookie headers. However the response header dictionary only contains one - seems the duplicate keys are overriding each other.

Is there a way to access duplicate headers with urllib2?

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(3

↘人皮目录ツ 2024-09-01 16:48:42

根据 urllib2 docs,结果的 .headers 属性URL 对象是一个 httplib.HTTPMessage (它似乎没有记录,至少在 Python 文档中)。

然而,

help(httplib.HTTPMessage)
...

If multiple header fields with the same name occur, they are combined
according to the rules in RFC 2616 sec 4.2:

Appending each subsequent field-value to the first, each separated
by a comma. The order in which header fields with the same field-name
are received is significant to the interpretation of the combined
field value.

因此,如果您访问 u.headers['Set-Cookie'],您应该得到一个 Set-Cookie 标头,其中的值以逗号分隔。

确实,情况似乎确实如此。

import httplib
from StringIO import StringIO

msg = \
"""Set-Cookie: Foo
Set-Cookie: Bar
Set-Cookie: Baz

This is the message"""

msg = StringIO(msg)

msg = httplib.HTTPMessage(msg)

assert msg['Set-Cookie'] == 'Foo, Bar, Baz'

According to urllib2 docs, the .headers attribute of the result URL object is an httplib.HTTPMessage (which appears to be undocumented, at least in the Python docs).

However,

help(httplib.HTTPMessage)
...

If multiple header fields with the same name occur, they are combined
according to the rules in RFC 2616 sec 4.2:

Appending each subsequent field-value to the first, each separated
by a comma. The order in which header fields with the same field-name
are received is significant to the interpretation of the combined
field value.

So, if you access u.headers['Set-Cookie'], you should get one Set-Cookie header with the values separated by commas.

Indeed, this appears to be the case.

import httplib
from StringIO import StringIO

msg = \
"""Set-Cookie: Foo
Set-Cookie: Bar
Set-Cookie: Baz

This is the message"""

msg = StringIO(msg)

msg = httplib.HTTPMessage(msg)

assert msg['Set-Cookie'] == 'Foo, Bar, Baz'
远山浅 2024-09-01 16:48:42

set-cookie 是不同的。来自 RFC 6265:

源服务器不应将多个 Set-Cookie 标头字段折叠到
单个标头字段。折叠 HTTP 标头的常用机制
字段(即,如[RFC2616]中定义的)可能会改变的语义
Set-Cookie 标头字段,因为使用了 %x2C (",") 字符
通过 Set-Cookie 以与此类折叠冲突的方式实现。

从理论上讲,这看起来像是一个错误。

set-cookie is different though. From RFC 6265:

Origin servers SHOULD NOT fold multiple Set-Cookie header fields into
a single header field. The usual mechanism for folding HTTP headers
fields (i.e., as defined in [RFC2616]) might change the semantics of
the Set-Cookie header field because the %x2C (",") character is used
by Set-Cookie in a way that conflicts with such folding.

In theory then, this looks like a bug.

狼性发作 2024-09-01 16:48:42

对我来说绝对不是这样。我在浏览器开发工具中运行了 Python 3.10.0,OCS 提供了这两个 Set-Cookie 标头:

**set-cookie**: 
               JSESSIONID=node01v0bwkcyhmqot1a3eqp3lcvwd2600.node0; 
               Path=/; 
               Secure; 
               HttpOnly; 
               SameSite=Lax
**set-cookie**: 
               ZS-TOKEN-ID=apt688t8gfqf7r4zgkv60aii; 
               HttpOnly; 
               SameSite=Lax; 
               Path=/; 
               Secure;
               Max-Age=36000

r.headers['Set-Cookie'] 中,它们是 <强>不合并。仅列出第一个 cookie。

This is definitely not the case for me. I ran Python 3.10.0 in the browser dev tools the OCS provides these two Set-Cookie headers:

**set-cookie**: 
               JSESSIONID=node01v0bwkcyhmqot1a3eqp3lcvwd2600.node0; 
               Path=/; 
               Secure; 
               HttpOnly; 
               SameSite=Lax
**set-cookie**: 
               ZS-TOKEN-ID=apt688t8gfqf7r4zgkv60aii; 
               HttpOnly; 
               SameSite=Lax; 
               Path=/; 
               Secure;
               Max-Age=36000

In the r.headers['Set-Cookie'] they are NOT combined. Only the first cookie is listed.

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文