search

ducaale / xh

Friendly and fast tool for sending HTTP requests
MIT License
5.49k stars 96 forks source link

Support persisting cookies from multiple domains #314

Closed ducaale closed 1 year ago

ducaale commented 1 year ago

This can be useful when reusing anonymous sessions for multiple domains or when cookies are set as users are redirected from one domain to another.

Before:

{
  "__meta__": { "about": "xh session file", "xh": "0.0.0" },
  "auth": { "type": null, "raw_auth": null },
  "cookies": {
    "lang": { "value": "en" }
  },
  "headers": []
}

After:

{
  "__meta__": { "about": "xh session file", "xh": "0.0.0" },
  "auth": { "type": null, "raw_auth": null },
  "cookies": [
    { "name": "lang", "value": "en", "domain": "example.com" },
    { "name": "lang", "value": "ar", "domain": "example.org" }
  ],
  "headers": []
}

Resolves https://github.com/ducaale/xh/issues/244

ducaale commented 1 year ago

The cookie crate is where the leading dot is removed from the domain. See https://github.com/SergioBenitez/cookie-rs/issues/73

I was initially tempted to declare it as an HTTPie bug, but the behaviour is consistent with Requests' cookie jar

Python 3.10.12 (main, Jun 11 2023, 05:26:28) [GCC 11.4.0] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> import requests
>>> import http.cookies
>>>
>>> cookie_jar = requests.cookies.RequestsCookieJar()
>>> cookie_jar.update(http.cookies.SimpleCookie('hello=world; Path=/; HttpOnly; Secure; Domain=example.com;'))
>>> cookie_jar.update(http.cookies.SimpleCookie('hello=world; Path=/; HttpOnly; Secure; Domain=.example.com;'))
>>> cookie_jar
<RequestsCookieJar[Cookie(version=0, name='hello', value='world', port=None, port_specified=False, domain='.example.com', domain_specified=True, domain_initial_dot=True, path='/', path_specified=True, secure=True, expires=None, discard=False, comment='', comment_url=False, rest={'HttpOnly': True}, rfc2109=False), Cookie(version=0, name='hello', value='world', port=None, port_specified=False, domain='example.com', domain_specified=True, domain_initial_dot=False, path='/', path_specified=True, secure=True, expires=None, discard=False, comment='', comment_url=False, rest={'HttpOnly': True}, rfc2109=False)]>
blyxxyz commented 1 year ago

Hmmm. Both Firefox and Chromium seem to remember (in the dev tools and in the cookies sqlite db) whether there was a leading dot, even if they presumably ignore it in the end.

Is there an easy way for us to remember it too?

ducaale commented 1 year ago

I can't think of a way that doesn't involve forking cookie-rs and cookie-store.

A somewhat random question; do you go with git-rebase or git-merge when bringing changes back from master to a feature branch?

blyxxyz commented 1 year ago

Yeah, I don't see a way either. Let's leave this as it is.

I think it'd be good to document this divergence from HTTPie somewhere, though it's too obscure to go in the README. ("Formatted output is always UTF-8" also doesn't really belong there I think, it needs a longer explanation to clarify what it even means.) Maybe a separate markdown file?

do you go with git-rebase or git-merge when bringing changes back from master to a feature branch?

I usually don't rebase if I already made a PR or if I touched code/logic that changed in master. Otherwise things can get messy.

ducaale commented 1 year ago

I think it'd be good to document this divergence from HTTPie somewhere, though it's too obscure to go in the README. ("Formatted output is always UTF-8" also doesn't really belong there I think, it needs a longer explanation to clarify what it even means.) Maybe a separate markdown file?

Shall we track it as an issue for now? I have now documented couple of existing differences in https://github.com/ducaale/xh/issues/322