How to allow cURL to automatically add recived cookies to the request?

Question

I am trying to communicate with a RESP API using cURL calls via PHP.

The first call to the API is to login by passing a username and a password. Once the API receive my request, it returns something like this in the headers

HTTP/1.1 201 Created
ININ-ICWS-CSRF-Token: WAhtYWxoabcfa1dBY2NvUkRJWCQ2Yzg5YefgOC01YTI0LTQ1MjEtYTdgdd1iMzAyNGRhZmRjZTBYCjEwLjAuNC4xNjA=
ININ-ICWS-Session-ID: 2562886002
Set-Cookie: icws_2562886002=1924Pe25-d47c-4d07-9546-9fcuijfdd0b02; Path=/icws/2562886002
Location: /icws/2562886002/connection
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Type: application/vnd.inin.icws+JSON; charset=utf-8
Date: Thu, 14 May 2015 17:49:20 GMT
Server: HttpPluginHost
Content-Length: 238

Now, along with any additional call to the API, the cookie value that was returned in the header must be included in the new request. (in this case: icws_2562886002=1924Pe25-d47c-4d07-9546-9fcuijfdd0b02)

How can I configure my cURL call to automatically pass back the cookie that is received?

therefore, with every request I will see to have Cookie: icws_2562886002=1924Pe25-d47c-4d07-9546-9fcuijfdd0b02 in the header.

I know I can manually added it like this

curl_setopt($ch, CURLOPT_HTTPHEADER, array('Cookie: icws_2562886002=1924Pe25-d47c-4d07-9546-9fcuijfdd0b02'));

But there has to be a way for the cURL to automatically add the cookie value to the request.

I also tried to add this

curl_setopt($ch, CURLOPT_COOKIE, true);

But did not work either

score 3 · Accepted Answer · answered May 14 '15 at 18:02

3

$cookiesFile = 'cookies.txt';
curl_setopt($ch, CURLOPT_COOKIEJAR, $cookiesFile); // write
curl_setopt($ch, CURLOPT_COOKIEFILE, $cookiesFile); // read

answered May 14 '15 at 18:02

Axalix

2,831
1
20
37

can you please tell me what does this do? – Jaylen May 14 '15 at 18:04
This code saves cookies in the file with name "cookies.txt" when you make a first request. Also it adds saved cookies to a header during the second request, so saved cookies will be sent back to the server. It is pretty much an emulation of what browsers do. – Axalix May 14 '15 at 18:09
I see. then what does `CURLOPT_COOKIE` do? – Jaylen May 14 '15 at 18:10
@ Jaylen my array is like this Array ( [metadata] => stdClass Object ( [total_pages] => 1 [total_records] => 1 ) [data] => stdClass Object ( [token] => XXXXXXXXXXX [time] => 2017-04-11 00:12:36 [user_id] => 000000 [site_address] => https://XXXXXXXX.com [user_role] => admin [access] => member ) ) and i want to save token id into cookies.txt , I have no idea how can i do this. – Ranjeet singh Apr 11 '17 at 05:17

Misunderstood · Answer 2 · 2015-05-14T18:19:09.697

Often the cookies are set in a 302 redirect. This gets to be problematic with cURL and cookies. So much so I wrote my own cookie routines.

When there is a redirect I do not allow cURL to follow :

curl_setopt($ch, CURLOPT_FOLLOWLOCATION, false);

I get the cookies from the Header so I have to tell cURL to give it:

curl_setopt($ch, CURLOPT_HEADER, true);

After executing cURL

  $data = curl_exec($ch);

Get the Response Header:

  $skip = intval(curl_getinfo($ch, CURLINFO_HEADER_SIZE)); 
  $responseHeader= substr($data,0,$skip);
  $data =  substr($data,$skip);

Get all the cookies:

  $e = 0;
  while(true){
    $s = strpos($responseHeader,'Set-Cookie: ',$e);
    if (!$s){break;}
    $s += 12;
    $e = strpos($responseHeader,';',$s);
    $cookie = substr($responseHeader,$s,$e-$s) ;
    $s = strpos($cookie,'=');
    $key = substr($cookie,0,$s);
    $value = substr($cookie,$s);
    $cookies[$key] = $value;
  }

Reconstruct the cookies:

 $cookie = '';
 $show = '';
 $delim = '';
 foreach ($cookies as $k => $v){
   $cookie .= "$delim$k$v";
   $delim = '; ';
 }

Then use:

curl_setopt($ch, CURLOPT_COOKIE, $cookie );

Many use:

CURLOPT_COOKIEJAR
CURLOPT_COOKIEFILE

There are many times the Cookie Jar does not work. If you are doing something simple, they work fine.

When there is a redirect or you need the cookies in a subsequent request where the Cookie Jar crumbles.

Especially problematic when you need some other data from the redirected page. I have run in to case where there are a series of up to half a dozen redirects and the cookies constantly change.

How to allow cURL to automatically add recived cookies to the request?

2 Answers2