spakendralo / chrome-rest-client

Automatically exported from code.google.com/p/chrome-rest-client
0 stars 0 forks source link

header cookie is encrypted #264

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago
What steps will reproduce the problem?
1. for "Headers:" enter "Cookie: mycookie=1"
2. submit GET request
3. on server-side examine header for "Cookie" and view encrypted strings

What is the expected output? What do you see instead?
Not sure about expected-value for server-side header "Cookie", but what would 
cause the cookie info to be encrypted and how can I send plain-text ( if 
possible ) ? 

On what operating system, browser and browser version?
Windows 7 , Chrome Version 35.0.1916.153 m

Please provide any additional information below.
I am viewing headers via F5 BIG-IP iRule log statements.

Original issue reported on code.google.com by john.art...@gmail.com on 13 Jul 2014 at 12:17

GoogleCodeExporter commented 9 years ago

Original comment by jarro...@gmail.com on 22 Sep 2014 at 3:12

GoogleCodeExporter commented 9 years ago
This is a very cryptic comment.  
Is it saying that Host header will not be supported?  That's a complete 
showstopper for a lot of local testing of domain-based web applications, e.g., 
where the host portion of the URL is "localhost:8080" but the Host header 
indicates the virtual host.  Extremely common use case, and very disappointing 
that it doesn't work in the Advanced Rest Client. 

Compare with curl, e.g.,

curl -H"Host: www.virtualdomain.com" -XGET http://localhost:8080/api/

Original comment by jmcgill....@gmail.com on 23 Sep 2014 at 8:33

GoogleCodeExporter commented 9 years ago
But still, since web security model disallows overriding this header there's 
nothing I can do. There's no API where I can override this and couple more 
headers.

I'm working on socket's implementation for making a request but until Chrome 
team implement SSL connections on sockets there's no point in doing it.

Original comment by jarro...@gmail.com on 23 Sep 2014 at 9:21