Recent

Author Topic: TFPHTTPClient holds the last cookie only  (Read 2455 times)

engkin

  • Hero Member
  • *****
  • Posts: 2513
TFPHTTPClient holds the last cookie only
« on: March 17, 2018, 01:37:55 pm »
I believe this is a bug in TFPCustomHTTPClient. I tracked it down to ReadResponseHeaders:
Code: Pascal  [Select]
  1. function TFPCustomHTTPClient.ReadResponseHeaders: integer;
  2.  
  3.   Procedure DoCookies(S : String);
  4.  
  5.   Var
  6.     P : Integer;
  7.     C : String;
  8.  
  9.   begin
  10.     If Assigned(FCookies) then    ///  <--------  Bug
  11.       FCookies.Clear;             ///  <-------- /
  12.     P:=Pos(':',S);
  13.     System.Delete(S,1,P);
  14.     Repeat
  15.       P:=Pos(';',S);
  16.       If (P=0) then
  17.         P:=Length(S)+1;
  18.       C:=Trim(Copy(S,1,P-1));
  19.       Cookies.Add(C);
  20.       System.Delete(S,1,P);
  21.     Until (S='') or Terminated;
  22.   end;
  23.  
  24. Const
  25.   SetCookie = 'set-cookie';
  26.  
  27. Var
  28.   StatusLine,S : String;
  29.  
  30. begin
  31.   if not ReadString(StatusLine) then
  32.     Exit(0);
  33.   Result:=ParseStatusLine(StatusLine);
  34.   Repeat
  35.     if ReadString(S) and (S<>'') then
  36.       begin
  37.       ResponseHeaders.Add(S);
  38.       If (LowerCase(Copy(S,1,Length(SetCookie)))=SetCookie) then
  39.         DoCookies(S);
  40.       end
  41.   Until (S='') or Terminated;
  42.   If Assigned(FOnHeaders) and not Terminated then
  43.     FOnHeaders(Self);
  44. end;
It clears FCookies repeatedly instead of accumulating all received cookies.

torumyax

  • New Member
  • *
  • Posts: 33
Re: TFPHTTPClient holds the last cookie only
« Reply #1 on: March 17, 2018, 01:54:50 pm »
I haven't tested TFPHTTPClient yet, but is there an official github repository for the TFP** libraries? That would be nice...'cause I'm struggling with TFPHttpServer right now...
« Last Edit: March 17, 2018, 01:57:20 pm by torumyax »

engkin

  • Hero Member
  • *****
  • Posts: 2513
Re: TFPHTTPClient holds the last cookie only
« Reply #2 on: March 17, 2018, 01:59:30 pm »
There is no official github repo. There is an official svn or web

torumyax

  • New Member
  • *
  • Posts: 33
Re: TFPHTTPClient holds the last cookie only
« Reply #3 on: March 17, 2018, 02:12:01 pm »
Thank you for the sharing!

Thaddy

  • Hero Member
  • *****
  • Posts: 9409
Re: TFPHTTPClient holds the last cookie only
« Reply #4 on: March 17, 2018, 03:59:59 pm »
As long as session cookies are meant, the behavior looks correct to me. If not it is indeed a bug. (But I am a cookie hater: best (intention) and worst (mis-use) idea ever invented. Servers should maintain state, not clients)
also related to equus asinus.

engkin

  • Hero Member
  • *****
  • Posts: 2513
Re: TFPHTTPClient holds the last cookie only
« Reply #5 on: March 17, 2018, 04:29:17 pm »
As long as session cookies are meant, the behavior looks correct to me. If not it is indeed a bug. (But I am a cookie hater: best (intention) and worst (mis-use) idea ever invented. Servers should maintain state, not clients)

Session cookies will get deleted if did not come as the last one in a series of set-cookie headers. For instance consider:
Code: Text  [Select]
  1. set-cookie: an=123; Expires=Sat, 17 Mar 2018 15:07:39 UTC; Path=/; Domain=.example.com; Secure;
  2. set-cookie: _active_sess=AbCdEf0123; Path=/; Domain=.example.com; Secure;
  3. set-cookie: your_guest_id=AB12CD456; Expires=Mon, 16 Mar 2020 15:07:48 UTC; Path=/; Domain=.example.com
  4. set-cookie: z=15; Expires=Mon, 16 Apr 2018 15:07:48 UTC; Path= /; Domain=.example.com; Secure

Thaddy

  • Hero Member
  • *****
  • Posts: 9409
Re: TFPHTTPClient holds the last cookie only
« Reply #6 on: March 17, 2018, 04:44:07 pm »
So it is a bug indeed.
also related to equus asinus.

engkin

  • Hero Member
  • *****
  • Posts: 2513
Re: TFPHTTPClient holds the last cookie only
« Reply #7 on: March 18, 2018, 04:30:21 am »
So it is a bug indeed.

Thank you. I'll file a bug report when I get a chance.

Edit:
Filed.
« Last Edit: March 18, 2018, 02:56:45 pm by engkin »