New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Cookies returned in Set-Cookie header not added to RequestsCookieJar #6344
Comments
Many of those cookies (I didn't check them all while on my phone) were set to expire in the year 1970. Thus they will never end up in the Jar. The server is misconfigured |
I can see that some of the cookies are set to expire. The ones I would expect to be added to the cookie jar, and which do not have an expiry date, as far as I can see, are: .AspNetCore.Cookies.V2 These are the ones that Firefox and Chrome save and use for subsequent requests. I have created a test account on the site in question and here is code that should be able to reproduce the issue.:
|
I'm able to reproduce this behavior. If I pull the The code I use if fairly simple: res = requests.post(
URL,
data=JSON,
headers={"Host": "localhost"},
)
res.cookies["testcookie"] # throws a `KeyError`
jar = http.cookies.SimpleCookie(res.headers["Set-Cookie"])
jar["testcookie"].value # works fine the
This only seems to happen when the |
Thanks for exploring the issue. I notice that the cookies from my response are missing a domain value. Here is one copied from headers['Set-Cookie'] (my reproduction code above still works):
|
Likely this issue is the same as #6245 |
Perhaps it extends beyond missing domains and has something to do with not FQ domains? Because in my case, it doesn't work if it is set to |
I can also reproduce this issue with a
from python/cpython#90233 So I would try 3.11 and see if that helps. For me, it did get the cookie, but decided to set it with a domain of if s.cookies.get(cookie_name, domain="localhost") is None:
cookie_value = s.cookies.get(cookie_name)
s.cookies.clear(name=cookie_name)
s.cookies.set(cookie_name, cookie_value, domain="") It seems like allowing localhost cookies at all may be a nonstandard extension, it just happens to be one that is supported by any browser I've tested with as well as other http client libraries.
|
I am making a post request where the response object has a 'Set-Cookie' with cookie data when inspecting response.headers, but where response.cookies has an empty cookie jar.
My request contains a number of parameters which I am reproducing here, but I doubt the issue has to do with the parameters passed:
response = requests.post(url, headers=headers, cookies=cookies, data=data, allow_redirects=False)
I suspect that the cookies returned in the header might contain non-standard syntax or are too long. I have tried logging in to the site in question using both Firefox and Chrome with Javascript off. Both browsers store the cookies for the response in question and submit the cookies for subsequent requests to the site in question.
Expected Result
My response object contains the following headers. I have edited a few alphanumeric characters in the values for safety reasons, but in terms of length and syntax nothing has been touched:
I would expect my response.cookies to contain the cookie data in response.headers['Set-Cookie'].
Actual Result
Instead of containing the cookies from the response headers, the response cookie jar is empty:
I have tried logging in to the site in question using both Firefox and Chrome with Javascript off. Both browsers store the cookies for the response in question and submit the cookies for subsequent requests to the site in question.
Reproduction Steps
I am unable to provide reproduction steps in the bug report, since a complete reproduction includes user credentials for the site in question. I hope that someone with more in-depth knowledge of Requests is able to reproduce the issue by parsing the Set-Cookie part of the header above with the relevant class or functions in Requests.
I would be happy to provide a bug fixer with test credentials and code to reproduce the issue on the site returning the response. Just reach out to me.
System Information
The text was updated successfully, but these errors were encountered: