Wininet 是否处理 HTTP 标头值“Set-Cookie”?
我有一个自定义 http 组件,它使用 Wininet 来处理 http POST 和 GET。它工作正常,但有些网站在响应标头中返回 Set-Cookie 参数,并且他们希望浏览器在下次调用时使用此 cookie。据我所知,我的基于 wininet 的组件没有处理这些 cookie。当我使用一些 http 嗅探器(如 Http 分析器)时,我可以看到它。 IE 工作正常。我的请求标头没有什么不同,与 IE 创建的相同。
我应该自己处理这些饼干吗?如果是这样,怎么办?
I have a custom http component that uses Wininet to handle http POST and GET. It works fine, but some sites return a Set-Cookie param in the response header and they expect this cookie to be used by the browser on next calls. As far as I can see, my wininet based component is not handling those cookies. I can see it when I use some http sniffers like Http Analyzer. IE works ok. Theres nothing different in my request header, it is the same that IE creates.
Should I take care of those cookies myself? If so, how?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
WinInet 不处理cookie。你需要自己处理。
在 WinInet 库中,您将找到
InternetGetCookie()和InternetSetCookie()。 MSDN 有一篇关于管理 Cookie。具体细节取决于您的应用程序及其架构,但我通常发现使用 InternetGetCookie() 的实现很笨拙。相反,我将检索与调用
InternetReadFile()内嵌的所有 HTTP 标头,然后在存在 cookie 的情况下调用InternetSetCookie():包含检索 HTTP 示例的 MSDN 文章可以找到标头 这里。
WinInet does not handle cookies. You need to handle it yourself.
In the WinInet libarary you'll find
InternetGetCookie()andInternetSetCookie(). There's a good MSDN article on Managing Cookies.Specifics will depend on your application and it's architecture, but I usually find implementations using
InternetGetCookie()clunky. Instead I'll retrieve all the HTTP headers in-line with the calls toInternetReadFile()then callInternetSetCookie()if a cookie exists:MSDN articles with examples for retrieving HTTP headers can be found here.
上面的答案是错误的。 CInternetSession确实处理cookie。如果本次会话下有http响应
返回一个Set-Cookie header,其中的cookie将被session对象自动保存并返回
后续请求时发送到服务器。无需使用SetCookie()。
但有一些警告和陷阱: 返回的没有过期日期的 Cookie 是会话 Cookie
并且仅保存在内存中。当 CInternetSession 对象被销毁时,它们将永远消失。
可以使用 SetOption 在 CInternetSession 对象中设置标志,并在禁用 cookie 的请求上设置标志。
请参阅标志 INTERNET_OPTION_SUPPRESS_SERVER_AUTH 和 INTERNET_FLAG_NO_COOKIES。小心你没有这样做。
当心缓存。 GET 一次脚本来获取 cookie,然后再次 GET 来打印返回的 cookie。
但这不起作用!没有打印 cookie。为什么?因为“文件”被缓存了。在第二次调用 wininet 时没有
联系服务器,它再次给你旧的响应,当然没有打印任何cookie。为了避免
您必须使用标志 INTERNET_FLAG_RELOAD。本质如下:
另外,请注意,如果 cookie 由 URL http://example.com/cgi-bin/test.pl 的脚本设置,则它与 URL http://example.com/cgi-bin/ 关联所以将返回到脚本 http://example.com/cgi-bin/hello.pl 。不过 cookie 标头可以改变这种行为。
The answer above is wrong. CInternetSession does indeed handle cookies. If an http response under this session
returns a Set-Cookie header the cookie therein will automatically be saved by the session object and returned
to the server on subsequent requests. No need to use SetCookie().
There are a few caveats and pitfalls though: Cookies returned without an expiration date are session cookies
and are only saved in MEMORY. When the CInternetSession object is destroyed they disappear for ever.
It is possible to set flags in the CInternetSession object with SetOption and on requests which disable cookies.
See the flags INTERNET_OPTION_SUPPRESS_SERVER_AUTH and INTERNET_FLAG_NO_COOKIES. Take care so you haven't done this.
Beware of CACHING. GET a script once to get the cookie, then GET it again to print the returned cookie.
And it doesn't work! No cookie is printed. Why? Because the "file" is cached. On the second call wininet doesn't
contact the server, it gives you the old response once again, which of course hasn't printed any cookie. To avoid
this you must use the flag INTERNET_FLAG_RELOAD. Here's the essence:
Also, note that if the cookie is set by a script with URL http: //example.com/cgi-bin/test.pl it's associated with the URL http: //example.com/cgi-bin/ so will be returned to the script http: //example.com/cgi-bin/hello.pl . The cookie header can change this behaviour though.