TimRegan said:
Hi All,
I'm having problems with HttpWebRequest, HttpWebResponse, and cookies.
I copy over the cookies from the server's HTTP response using the
following code:
if (response.Cookies.Count > 0)
{
request.CookieContainer.Add(response.Cookies);
}
And I can see that the cookies are correctly copied since the cookie
count on the request now equals the cookie count on the last response.
But, when I come to enumerate the headers of the request, the cookies
are not listed, nor do they show-up in the HTTP headers gleaned using
a packet sniffer (Ethereal).
Can anyone suggest factors I should be exploring, I've been going
round and round this problem for days :-(
Are the cookie domains the same?
Here's the text of a previous response of mine on this issue:
----------
Now, recall that the way cookies work is that the server sends the cookie to
the browser, and the browser later sends the cookie back to the server on
each request for which the criteria match. The criteria are domain, path and
expiration:
1) A Domain match requires that the domain part of the URL from which the
cookie originally came must match the domain of the new request. For
instance, if the cookie domain was company.com, and the new request is to
www.company.com, then this is a match. But if the cookie domain was
support.company.com, then
www.company.com would not match. A few tricky
issues are that if the domain is "localhost", then the cookie will only be
sent to "
http://localhost", not
http://YOURMACHINE or
http://127.0.0.1 or
http://a.b.c.d. Similarly, if the domain is set to an IP address, then the
cookie will only be sent back when that same IP address is specified in the
URL. It will not be sent if a different IP address is used (even if the
addresses are for the same host) or if a DNS name is used (even if the DNS
name corresponds to the IP address).
2) A path match exists when the path portion of the new request matches the
path specified with the cookie. The default path is "/". This means that a
cookie could specify a path of "/company/investors", and it would be sent on
a request to "/company/investors/annualReport.aspx", but it would not be
sent to "/company/contactUs.aspx". As a matter of fact, it wouldn't be sent
to "/company/Investors/annualReport.aspx", which is why path is rarely used.
In fact I expect it's more frequently used in error than deliberately.
3) An expiration match occurs when the expiration date set on the cookie has
not yet passed.
Finally, a cookie will only be sent back to the server if the browser kept
the cookie and if the browser is configured to return it. Depending on the
security and privacy settings of the browser, the cookie may have been
discarded, or the browser may not be willing to send it back. Make sure your
browser settings are set to accept all cookies.
It may be necessary to watch what happens on the wire between the server and
the browser. In this case, I use ProxyTrace from
http://pocketsoap.com.