Cookie 问题,发出请求时旧 Cookie 仍然存在
我目前正在 Android 上开发一个应用程序,使用 App Engine 作为后端。由于正在进行一些繁重的解析,我有时需要将会话 cookie 从 Android 设备传递到服务器,以便在解析响应数据时进行身份验证。
下面的代码来自服务器端,我将从我的 Android 设备传递的 Cookie 放入服务器 HttpUrlConnection 对象中。现在谈谈我的问题。
即使我将有效的会话 cookie 传递给服务器,我也遇到了无法通过身份验证的巨大问题。经过几天的调试,似乎我今天发现了这个问题,但我不知道如何解决这个问题。
使用 Microsoft 网络监视器,我有时可以看到,当我从服务器发出请求时(但并非总是如此),除了我放入 HttpUrlConnection 中的 cookie 之外,请求中还有第二个 cookie。这似乎让第 3 方服务器感到困惑,它使用 Set-cookie 进行响应,而不是让我访问安全页面。
cookie 看起来像这样:
The cookie that I set
Cookie: PHPSESSID=q5r4uon05a32vhs29cd65sarv6
The second cookie, that just "appears" when I make the request
Cookie: $Version=0; PHPSESSID=hb94i7vopft13uaaob837lf3b0; $Path=/
那么,这个版本 0 cookie 是什么?我如何确保它不会在我的请求中传递?
ArrayList<HashMap<String, String>> fillMaps = new ArrayList<HashMap<String, String>>();
URL page = null;
Scanner scanner = null;
Session session = null;
HttpURLConnection connection = null;
try {
link = link.replace("&", "&");
page = new URL(FS_PARTIAL_SESSION_URL + link);
StringBuilder sb = new StringBuilder();
Iterator<Cookie> cooks = cookies.iterator();
while(cooks.hasNext()) {
Cookie cookie = cooks.next();
sb.append(cookie.getName()+"="+cookie.getValue());
if (cooks.hasNext()) {
sb.append(";");
}
}
connection = (HttpURLConnection) page.openConnection();
connection.setRequestProperty("Cookie", sb.toString());
scanner = new Scanner(connection.getInputStream());
} catch (MalformedURLException e) {
log.log(Level.SEVERE, e.getMessage(), e);
} catch (IOException e) {
log.log(Level.SEVERE, e.getMessage(), e);
}
finally {
connection.disconnect();
}
I´m currently developing an application on Android, using App Engine as a backend. Since there´s some heavy parsing going on, I sometimes need to pass session cookies from the android device to the server, in order to be authenticated when parsing the response data.
The code below is from server side, where I put the Cookie(s) that is passed from my android device in the server HttpUrlConnection object. Now to my issue.
I´ve been having huge problems with not being authenticated even though I pass a valid session cookie to the server. After a couple of days of debugging, it seems like I found the issue today, but I have no clue on how to fix this.
Using Microsoft network monitor, I can see that SOMETIMES when I make the request from the server, but not always, there´s a second cookie in the request, BESIDES the one that I have put in the HttpUrlConnection. This seems to confuse the the 3rd party server, which responds with a Set-cookie, rather than letting me access the secure page.
The cookies look like this:
The cookie that I set
Cookie: PHPSESSID=q5r4uon05a32vhs29cd65sarv6
The second cookie, that just "appears" when I make the request
Cookie: $Version=0; PHPSESSID=hb94i7vopft13uaaob837lf3b0; $Path=/
So, what is this version 0 cookie, and how can I make sure that it is not passed in my request?
ArrayList<HashMap<String, String>> fillMaps = new ArrayList<HashMap<String, String>>();
URL page = null;
Scanner scanner = null;
Session session = null;
HttpURLConnection connection = null;
try {
link = link.replace("&", "&");
page = new URL(FS_PARTIAL_SESSION_URL + link);
StringBuilder sb = new StringBuilder();
Iterator<Cookie> cooks = cookies.iterator();
while(cooks.hasNext()) {
Cookie cookie = cooks.next();
sb.append(cookie.getName()+"="+cookie.getValue());
if (cooks.hasNext()) {
sb.append(";");
}
}
connection = (HttpURLConnection) page.openConnection();
connection.setRequestProperty("Cookie", sb.toString());
scanner = new Scanner(connection.getInputStream());
} catch (MalformedURLException e) {
log.log(Level.SEVERE, e.getMessage(), e);
} catch (IOException e) {
log.log(Level.SEVERE, e.getMessage(), e);
}
finally {
connection.disconnect();
}
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
我最终通过创建自己的“版本 0”cookie 解决了这个问题。这样做时,似乎第二个 cookie 没有被创建,或者至少我自己的 cookie 被拾取了。所以在我的 while 循环中,代码现在如下所示:
I finally solved this by creating my own "version 0" cookie. When doing so it seems like the second cookie doesn´t get created, or atleast my own cookie gets picked up instead. So in my while loop, the code now looks like this: