PDA

View Full Version : Setting a cookie for a Qhttp connection



Nyphel
4th April 2007, 12:59
Hello,

I've heard that it was possible to set a cookie for a QHttp connection, while I was searching the solution . The search function of the forum has shown me various posts, but none explain how to use the cookies.

Could you give me a tip, please ?

Thanks :)



My source :


QHttp *RC_http;
RC_http = new QHttp("courriel", 80);
RC_httpId = RC_http->get("/index.php?tg=addon/46/main&idx=aac");

courriel stands for a local host and let me see the "?tg=addon/46/main&idx=aac" page only if I'm authentificated. So I do a post() request on index.php in order to be authenticated, but I need to get the cookie in order to send it with the get() call.

wysota
4th April 2007, 13:40
You'll have to use the request() method instead of get() and set the cookie header (Cookie: name=value) in the QHttpRequestHeader object.

Nyphel
4th April 2007, 14:51
Thanks Wysota, I made it :)



// header
QHttpRequestHeader header("GET", "/index.php?tg=addon/46/main&idx=aac");
header.setValue("Host", "courriel");
header.setValue("Cookie", "OV1274289294=8bffb00c3b0917a3c446531973dcd8c7");
header.setContentType("application/x-www-form-urlencoded");

// request
RC_httpId = RC_http->request(header);

That's nice, but the cookie value change for each new connection.
So, when my application do a post() request in order to log in, there is a new cookie value... And when my application wants to do the get() request, sha must know the new cookie value.

So, is it possible to get the cookie value when I do a post() request ?
Here is my post() request :

// content
//QByteArray content("nickname=Stagiaire&password=QDMSy9P&submit=Connexion");
QByteArray content = "";
content.append("nickname");
content.append("=");
content.append(identifiant);
content.append("&");
content.append("password");
content.append("=");
content.append(password);
content.append("&");
content.append("submit");
content.append("=");
content.append("Connexion");

// header
QHttpRequestHeader header("POST", "/index.php");
header.setValue("Host", "courriel");
header.setContentType("application/x-www-form-urlencoded");
header.setContentLength(content.length());

// request
IL_httpId = IL_http->request(header, content);


IL_http is connected to the done(bool) signal, wich calls a slot in order to read th response (performing a simple "QByteArray reponse = IL_http->readAll();").
The reponse QBteArray holds the content of the page that is displayed when the user tries to longgin on the website, but I can't see the cookie value...
IL_http is also connected to the signals requestFinished(int, bool) and responseHeaderReceived(const QHttpResponseHeader &), in order to detect if an errors has occured... I've heard that this last signal should help me, but I don't understand how.

wysota
4th April 2007, 15:10
Do the same the other way round - look for "Set-cookie:" header in http response header.

Nyphel
4th April 2007, 15:20
Oki !


connect(IL_http, SIGNAL(responseHeaderReceived(const QHttpResponseHeader &)),
this, SLOT(SLOT_IL_readResponseHeader(const QHttpResponseHeader &)));


void HTTPChecker::SLOT_IL_readResponseHeader(const QHttpResponseHeader &responseHeader)
{
std::cout << "\n\n" << (responseHeader.toString()).toStdString() << std::endl;
if (responseHeader.statusCode() != 200)
{
IL_NB_erreurs = IL_NB_erreurs + 1;
std::cout << "\n\nERREUR (IL_readResponseHeader) : " << (responseHeader.reasonPhrase()).toStdString() << std::endl;
return;
}
}

And this returned me the responseHeader content :

HTTP/1.1 200 OK
date: Wed, 04 Apr 2007 13:15:44 GMT
server: Apache/2.0.54 (Debian GNU/Linux) PHP/5.1.6-1~bpo.1 mod_ssl/2.0.54 OpenSSL/0.9.7e
x-powered-by: PHP/5.1.6-1~bpo.1
set-cookie: OV1274289294=a13f0dc68488034b668c01f61f03de50; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
content-length: 4053
content-type: text/html


Here is the cookie value :)
I think that I can get only the cookie value be calling QHttpHeader::value() or QHttpHeader::values().

Thanks a lot for your help Wysota :)

Nyphel
4th April 2007, 16:40
I don't understand well...

1) I authenticate manually, using my navigator.
A plug-in give me the cookie value.
I set this value to my header (for my QHttp objet), in my application.
While I'm still connected with the navigator, I launch my application in order to get a page that is behind the authtentification one.
OK : I can acces and download this document.

2) If I use only my application and get the cookie value while I'm authenticating me (A Qhttp object that perform a post()),
and if I set this cookie value to my header of the second Qhttp objet, the one that will do the post() request,
I can't acces to the document :(.

wysota
4th April 2007, 18:49
Does the "authentication" involve only the cookie? Could you please check what exact headers are sent to and from the browser?

Nyphel
5th April 2007, 09:40
So, I need to log in the "courriel" page with a POST() request.

Here is the HTML form :


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>

[...]

<form method="post" action="index.php">

<input type="hidden" name="tg" value="login">
<input type="hidden" name="referer" value="http%3A%2F%2Fcourriel%2Findex.php">
<input type="hidden" name="login" value="login">

<br><br>
<table width="50%" border="0" cellspacing="0" cellpadding="2" align="center">
<tr>
<td class="BabLoginCadreBackground" align="center" valign="middle">
<table class="BabLoginMenuBackground" width="100%" border="0" cellspacing="0" cellpadding="5" align="center">
<tr>
<td width="30%" align="right">Identifiant : </td>
<td>
<input type="text" name="nickname" value="" size="20" maxlength="255">
</td>

</tr>
<tr>
<td align="right">Mot de passe : </td>
<td>
<input type="password" name="password" size="20" maxlength="30">
</td>
</tr>
<tr>
<td align="right">Mémoriser mon identité sur cet ordinateur : </td>

<td>
<select name="lifetime">
<option value="0">Non</option>
<option value="18000" selected>5 heures</option>
<option value="36000">10 heures</option>
</select>
</td>
</tr>


<tr valign="middle">
<td colspan="2" align="center">
<input type="submit" name="submit" value="Connexion">
</td>
</tr>
</table>
</td>
</tr>
</table>
</form>

</div>
</div>
<script type="text/javascript">
faux_onload();
</script>
</div>



</body>
</html>



Here are the headers detected when I enter the "courriel" adress in my navigator (Fiefox) :


http://courriel/

REQUEST :
GET / HTTP/1.1
Host: courriel
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; fr; rv:1.8.1.3) Gecko/20070309 Firefox/2.0.0.3
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Language: fr,fr-fr;q=0.8,en-us;q=0.5,en;q=0.3
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive
Cookie: OV1274289294=b976dcbd8c1f5190d9b45bcd93bdb178

RESPONSE :
HTTP/1.x 200 OK
Date: Thu, 05 Apr 2007 07:19:23 GMT
Server: Apache/2.0.54 (Debian GNU/Linux) PHP/5.1.6-1~bpo.1 mod_ssl/2.0.54 OpenSSL/0.9.7e
X-Powered-By: PHP/5.1.6-1~bpo.1
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 4053
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html


And here is what is detected when I log-in manually, with good identifiers :


http://courriel/index.php

REQUEST :
POST /index.php HTTP/1.1
Host: courriel
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; fr; rv:1.8.1.3) Gecko/20070309 Firefox/2.0.0.3
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Language: fr,fr-fr;q=0.8,en-us;q=0.5,en;q=0.3
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive
Referer: http://courriel/
Cookie: OV1274289294=b976dcbd8c1f5190d9b45bcd93bdb178
Content-Type: application/x-www-form-urlencoded
Content-Length: 85
tg=login&login=login&referer=&nickname=stagiaire&password=%2FQDMSy9P&submit=Connexion

RESPONSE :
HTTP/1.x 302 Found
Date: Thu, 05 Apr 2007 07:23:50 GMT
Server: Apache/2.0.54 (Debian GNU/Linux) PHP/5.1.6-1~bpo.1 mod_ssl/2.0.54 OpenSSL/0.9.7e
X-Powered-By: PHP/5.1.6-1~bpo.1
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 4064
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html


And now with bad identifiers :


http://courriel/index.php

REQUEST :
POST /index.php HTTP/1.1
Host: courriel
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; fr; rv:1.8.1.3) Gecko/20070309 Firefox/2.0.0.3
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Language: fr,fr-fr;q=0.8,en-us;q=0.5,en;q=0.3
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive
Referer: http://courriel/
Cookie: OV1274289294=b976dcbd8c1f5190d9b45bcd93bdb178
Content-Type: application/x-www-form-urlencoded
Content-Length: 85
tg=login&login=login&referer=&nickname=stagiaire&password=%2FQDMSy9P&submit=Connexion

RESPONSE :
HTTP/1.x 302 Found
Date: Thu, 05 Apr 2007 07:23:50 GMT
Server: Apache/2.0.54 (Debian GNU/Linux) PHP/5.1.6-1~bpo.1 mod_ssl/2.0.54 OpenSSL/0.9.7e
X-Powered-By: PHP/5.1.6-1~bpo.1
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 4064
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html

Nyphel
5th April 2007, 10:07
Perhaps would you want to get a look to my code :
"IL" (Intranet_Login) concerns the initial POST() request, that connect the client to the "courriel" page (authentification).
"RC" (Recuperer_Comptes) concerns the GET() request, that download a page once we are connected.
The initial request (post) get the cookie value and store it in "cookie".
The second request (get) set this cookie value in his header.

#include <QApplication>
#include <QByteArray>
#include <iostream>

#include "HTTPChecker.h"

int main(int argc, char *argv[])
{
QApplication app(argc, argv);

identifiant = "Stagiaire";
password = "/QDMSy9P";

HTTPChecker *httpChecker = new HTTPChecker();
httpChecker->Intranet_Login(identifiant, password);

return app.exec();
}


HTTPChecker::HTTPChecker() : QObject()
{
cookie = ""; // Holds the cookie value, from the POST() request

IL_NB_erreurs = 0;
IL_http = new QHttp("courriel", 80);

connect(IL_http, SIGNAL(done(bool)), this, SLOT(SLOT_IL_showPage()));
connect(IL_http, SIGNAL(requestFinished(int, bool)), this, SLOT(SLOT_IL_httpRequestFinished(int, bool)));
connect(IL_http, SIGNAL(responseHeaderReceived(const QHttpResponseHeader &)),this, SLOT(SLOT_IL_readResponseHeader(const QHttpResponseHeader &)));

RC_NB_erreurs = 0;
RC_http = new QHttp("courriel", 80);

connect(RC_http, SIGNAL(done(bool)), this, SLOT(SLOT_RC_showPage()));
connect(RC_http, SIGNAL(requestFinished(int, bool)), this, SLOT(SLOT_RC_httpRequestFinished(int, bool)));
connect(RC_http, SIGNAL(responseHeaderReceived(const QHttpResponseHeader &)),this, SLOT(SLOT_RC_readResponseHeader(const QHttpResponseHeader &)));
}


First request : authentification :

void HTTPChecker::Intranet_Login(QByteArray identifiant, QByteArray password)
{
// content //tg=login&login=login&referer=&nickname=stagiaire&password=%2FQDMSy9P&submit=Connexion

QByteArray content = "";
content.append("tr");
content.append("=");
content.append("login");
content.append("login");
content.append("=");
content.append("login");
content.append("referer");
content.append("=");
content.append("");
content.append("nickname");
content.append("=");
content.append(identifiant);
content.append("&");
content.append("password");
content.append("=");
content.append(password);
content.append("&");
content.append("submit");
content.append("=");
content.append("Connexion");

// header
QHttpRequestHeader header("POST", "/index.php");
header.setValue("Host", "courriel");
header.setContentType("application/x-www-form-urlencoded");
header.setContentLength(content.length());

// request
IL_httpId = IL_http->request(header, content);
}


void HTTPChecker::SLOT_IL_showPage()
{
if (IL_NB_erreurs == 0)
{
QByteArray reponse = IL_http->readAll();

QString reponse_lisible = "";
reponse_lisible.append(reponse);
reponse_lisible = reponse_lisible.section("** ",1,1);
reponse_lisible = reponse_lisible.section(" **",0,0);

std::cout << "-=" << reponse_lisible.toStdString() << "=-" << std::endl;
}
else
{
std::cout << "\n\nREPONSE : =-ERREURS-=\n---------" << std::endl;
}
Recuperer_Comptes(); // Call the second request
}


void HTTPChecker::SLOT_IL_httpRequestFinished(int requestId, bool error)
{
if (requestId != IL_httpId)
return;

if (error)
{
IL_NB_erreurs = IL_NB_erreurs + 1;
std::cout << "\n\nERREUR (IL_httpRequestFinished) : " << (IL_http->errorString()).toStdString() << std::endl;
}
}

void HTTPChecker::SLOT_IL_readResponseHeader(const QHttpResponseHeader &responseHeader)
{
if (responseHeader.statusCode() != 200)
{
IL_NB_erreurs = IL_NB_erreurs + 1;
std::cout << "\n\nERREUR (IL_readResponseHeader) : " << (responseHeader.reasonPhrase()).toStdString() << std::endl;
return;
}

QString cookie_value = responseHeader.value("set-cookie");
cookie_value = cookie_value.section(";", 0, 0);
cookie = cookie_value; // Store teh cokie value, for the second request
}


Second request : the download of a page

void HTTPChecker::Recuperer_Comptes()
{
// header
QHttpRequestHeader header("GET", "/index.php?tg=addon/46/main&idx=aac");
header.setValue("Host", "courriel");
header.setValue("Cookie", cookie);
header.setContentType("application/x-www-form-urlencoded");

std::cout << "\n\n" << (header.toString()).toStdString() << std::endl;

// request
RC_httpId = RC_http->request(header);
}


void HTTPChecker::SLOT_RC_showPage()
{
if (RC_NB_erreurs == 0)
{
QByteArray reponse = RC_http->readAll();

QString reponse_lisible = "";
reponse_lisible.append(reponse);
std::cout << reponse_lisible.toStdString() << std::endl;
}
else
{
std::cout << "\n\nREPONSE : =-ERREURS-=\n---------" << std::endl;
}
Quitter();
}


void HTTPChecker::SLOT_RC_httpRequestFinished(int requestId, bool error)
{
if (requestId != RC_httpId)
return;

if (error)
{
RC_NB_erreurs = RC_NB_erreurs + 1;
std::cout << "\n\nERREUR (RC_httpRequestFinished) : " << (RC_http->errorString()).toStdString() << std::endl;
}
}

void HTTPChecker::SLOT_RC_readResponseHeader(const QHttpResponseHeader &responseHeader)
{
if (responseHeader.statusCode() != 200)
{
RC_NB_erreurs = RC_NB_erreurs + 1;
std::cout << "\n\nERREUR (RC_readResponseHeader) : " << (responseHeader.reasonPhrase()).toStdString() << std::endl;
return;
}
}


Isn't it good ? :(

Another idea :
My account for testing is : "Stagiaire" - "/QDMSy9P".
If we have a look to the headers shown by the navigator, we can see that "/QDMSy9P" becomes "%2FQDMSy9P".
And my request, in the application, send "/QDMSy9P".
I dont think this is a problem, cause when I test with "Stagiaire" - "%2FQDMSy9P", nothing changes.

patrik08
5th April 2007, 10:36
To grab cookie i make it so..... code down ....
grab check and resend ..... next session....

otherwise if i upload big file i use method PUT && PHP
is faster as post!

http://www.qtforum.de/forum/viewtopic.php?t=3085

and i send one virtual cookie nr. "2352Rt35j235-252Zu532kh5-3252" to autenficate on php script
and one cookie wo place to save file .... simply 10 line code...





typedef QMap<int, QStringList> cookiepam;

cookiepam ActualCook;

/* each request i resend the cookie from last session phpsession id... or other */
QStringList resendcoo;
resendcoo.clear();
cookiepam ::Iterator it;
for ( it = ActualCook.begin(); it != ActualCook.end(); ++it ) {
QStringList resi = it.value();
QString name = resi.at(0);
QString oneci = QString("%1=%2").arg(name).arg(resi.at(1));
resendcoo.append(oneci);
}
header.setValue("Cookie",resendcoo.join(";"));




/* take cookie from header */
void RegisterCookie(const QHttpResponseHeader &responseHeader )
{
ActualCook.clear();
QStringList cookielist = responseHeader.allValues("set-cookie");
for (int i = 0; i < cookielist.size(); ++i) {
QString cokeline = cookielist.at(i);
QStringList onlines = cokeline.split("=");
QString cookiename = onlines.at(0);
QString cookievalue = onlines.at(1);
ActualCook.insert(i,QStringList() << cookiename << Url_Decode(cookievalue) << actualurl);
/////////////////qDebug() << "### entry set-cookie pos=" << i << " name= " << cookiename << " value=" << Url_Decode(cookievalue);
}
//////////emit WatReturn(QString("One code=%1 - Other say = %2 \n%3").arg( responseHeader.statusCode() ).arg( responseHeader.reasonPhrase() ).arg(CookieVars()) );
}

/* decode cookie value */
QString Base_Function::Url_Decode( QString indata )
{
/*
http://www.blooberry.com/indexdot/html/topics/urlencoding.htm
Dollar ("$") 24
Ampersand ("&") 26
Plus ("+") 2B
Comma (",") 2C
Forward slash/Virgule ("/") 2F
Colon (":") 3A
Semi-colon (";") 3B
Equals ("=") 3D
Question mark ("?") 3F
'At' symbol ("@") 40
Left Curly Brace ("{") 7B
Right Curly Brace ("}") 7D
Vertical Bar/Pipe ("|") 7C
Backslash ("\") 5C
Caret ("^") 5E
Tilde ("~") 7E
Left Square Bracket ("[") 5B
Right Square Bracket ("]") 5D
Grave Accent ("`") 60
*/
QString blnull = "";
QString notaccept = "%60|%5D|%5B|%7E|%5E|%5C|%7C|%7D|%7B";
QStringList notallow;
notallow = notaccept.split("|");

for (int i = 0; i < notallow.size(); ++i) {
if ( indata.contains(notallow.at(i)) ) {
return blnull;
}
}

QString spaceout = indata.replace("%20"," ");
spaceout = spaceout.replace("%3A",":");
spaceout = spaceout.replace("%3B",";");
spaceout = spaceout.replace("%3D","=");
spaceout = spaceout.replace("%2F","/");
spaceout = spaceout.replace("%3F","?");
spaceout = spaceout.replace("%40","@");
spaceout = spaceout.replace("%24","$");
spaceout = spaceout.replace("%2B","+");
spaceout = spaceout.replace("+"," ");
int zool = spaceout.indexOf(";",0);
return spaceout.left(zool);;
}

wysota
5th April 2007, 11:08
Are you sure your POST request is correct? Try setting up a fake server and check if the content the server receives is exactly the same for a regular browser and your manual auth. Under Unix you could use netcat for that, but I don't know if it's available for Windows.

Nyphel
5th April 2007, 12:02
That's what I made last week :).
I think my post request is correct, but perhaps is there an authentification problem.
The webmaster said me I was authenticated as an external user, and in this case the server unauthentificate me each time the connection is close (closing Firefox for example). So, perhaps, I'm unauthentificated cause I use 2 QHttp objetcs...

I'll try to see that, and confirm that I'm correctly logged-in with the first request :)

patrik08
5th April 2007, 12:14
That's what I made last week :).
I think my post request is correct, but perhaps is there an authentification problem.
The webmaster said me I was authenticated as an external user, and in this case the server unauthentificate me each time the connection is close (closing Firefox for example). So, perhaps, I'm unauthentificated cause I use 2 QHttp objetcs...

I'll try to see that, and confirm that I'm correctly logged-in with the first request :)


if you have quote..
If we have a look to the headers shown by the navigator, we can see that "/QDMSy9P" becomes "%2FQDMSy9P".
http://www.blooberry.com/indexdot/html/topics/urlencoding.htm urldecode problem....
if you grab cookie must decode and resend qstring can not decode url string!!

Grab before post ... the form page .... on get method the form page .... to take phpsession code cookie ..
i suppose if php can not init session your post is invalid! why session is not init!

first ....
1- QHttp get ( formpage_client ) take session PHPSESSIONID= xxxxxxxx
and
2- QHttp post ( form data ) +session + referrer ( PHPSESSIONID= xxxxxxxx ) cookie and param ...
like firefox method....

otherwise session on server not valid ASP have it a same mechanismous ... if the session ist not incomming server suppose a hack...

wysota
5th April 2007, 13:00
The webmaster said me I was authenticated as an external user, and in this case the server unauthentificate me each time the connection is close (closing Firefox for example).
I don't think this is the case. Closing a connection can happen without closing the browser - the server will close the connection about a few seconds without seeing another request coming, so you'd end up with the same effect in Firefox which I guess is not the case.
When the browser closes, it may discard the cookie, but the server won't be notified about it, so this shouldn't influence your requests either.

Nyphel
5th April 2007, 14:51
You are true : my first request (the POST one, in order to be authentificated) is wrong.
I got a cookie, but i was not logged-in.

Moreover, my header content wasn't well written :

QByteArray content = "";
content.append("tr");
content.append("=");
content.append("login");
content.append("login");
content.append("=");
content.append("login");
content.append("referer");
content.append("=");
content.append("");
content.append("nickname");
content.append("=");
content.append(identifiant);
content.append("&");
content.append("password");
content.append("=");
content.append(password);
content.append("&");
content.append("submit");
content.append("=");
content.append("Connexion");
Some "&" were missing !

So here is my new content :

QByteArray content = "";

content.append("tr");
content.append("=");
content.append("login");
content.append("&");
content.append("login");
content.append("=");
content.append("login");
content.append("&");
content.append("referer");
content.append("=");
content.append("http%3A%2F%2Fcourriel%2Findex.php");
content.append("&");

content.append("nickname");
content.append("=");
content.append("Stagiaire");
content.append("&");
content.append("password");
content.append("=");
content.append("%2FQDMSy9P");
content.append("&");
content.append("lifetime");
content.append("=");
content.append("10000");
content.append("&");
content.append("submit");
content.append("=");
content.append("Connexion");

In order to prevent url encoding errors, wrote the "/" directly with "%2F".
Now, my responseHeaderReceived() signal catch an error :
statusCode = 302
reasonPhrase = Found

That's strange, cause the 302 error indicates that the Web server thinks that my URL has been temporarily redirected to another URL.

Here is the full responseHeader :

HTTP/1.1 302 Found
date: Thu, 05 Apr 2007 12:55:23 GMT
server: Apache/2.0.54 (Debian GNU/Linux) PHP/5.1.6-1~bpo.1 mod_ssl/2.0.54 OpenSSL/0.9.7e
x-powered-by: PHP/5.1.6-1~bpo.1
set-cookie: OV1274289294=b5ca1f5abaeea5cb6944080a88adc958; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
set-cookie: c_nickname=Stagiaire; expires=Thu, 05-Apr-2007 15:42:03 GMT
set-cookie: c_password=a07390205157ca30543f2128de117385; expires=Thu, 05-Apr-2007 15:42:03 GMT
location: http://courriel/index.php
transfer-encoding: chunked
content-type: text/html


Now, I'm logged in and everything is OK... If I don't care about the 302 error.
So, I've you got an idea to explain why I get such error, please ? :)

wysota
5th April 2007, 15:19
Should this script set those cookies (lines 9 and 10 of the above output) in that situation? You'd have to ask the script author what 302 means in this case :) It contains a redirection to index.php so looks like everything is fine, you should follow the location. It probably just redirects you to the proper page after login.

Nyphel
5th April 2007, 16:30
The cookies of lines 9 and 10 seems to be corresponding with the authentification... But I don't think they are usefull. I think that they are identifying the longgin session period.

About the redirection :

<form method="post" action="index.php">

<input type="hidden" name="referer" value="http%3A%2F%2Fcourriel%2Findex.php">
The redirection targets the same page as the form action :rolleyes:.
Ok, I will discuss about that with the webmaster.

Thanks a lot Wysota and Patrick, now I understand better the cookies and how managing them with Qt4/ QHttp :)