first Here is my code setting up cookies in my response:
cookies = dist.create_signed_cookies(resource,expire_minutes=expire_minutes)
taco = HttpResponse(json.dumps(payload))
taco.set_cookie('CloudFront-Policy', cookies[1]['CloudFront-Policy'], domain=cookies[0], httponly=False)
taco.set_cookie('CloudFront-Signature', cookies[1]['CloudFront-Signature'], domain=cookies[0],
httponly=False)
taco.set_cookie('CloudFront-Key-Pair-Id', cookies[1]['CloudFront-Key-Pair-Id'], domain=cookies[0],
httponly=False)
print('here comes the tacos')
print(taco)
return taco
now when we go to the chrome inspector I do not see CloudFront-Policy, CloudFront-Signature
am I correct that these cookies are not being sent?
See no cloudfront url
Related
my site is shofitv.com
I have my backend sending cookies over so users may access a protected cloudFront Distro.
The cookies are being generated fine.
They are being set but when I check my cookies via inspect element in my cookie tab I see none of my cookies present.
here is my code
def generate_signed_cookies(resource,expire_minutes, payload):
"""
#resource path to s3 object inside bucket(or a wildcard path,e.g. '/blah/*' or '*')
#expire_minutes how many minutes before we expire these access credentials (within cookie)
return tuple of domain used in resource URL & dict of name=>value cookies
"""
if not resource:
resource = '*'
dist_id = DOWNLOAD_DIST_ID
conn = CloudFrontConnection(AWS_ACCESS_KEY, AWS_SECRET_KEY)
dist = SignedCookiedCloudfrontDistribution(conn,dist_id)
cookies = dist.create_signed_cookies(resource,expire_minutes=expire_minutes)
taco = HttpResponse(json.dumps(payload), content_type="application/json")
taco.set_cookie('CloudFront-Policy', cookies[1]['CloudFront-Policy'], httponly=False, domain="shofitv.com")
taco.set_cookie('CloudFront-Signature', cookies[1]['CloudFront-Signature'],
httponly=False, domain="shofitv.com")
taco.set_cookie('CloudFront-Key-Pair-Id', cookies[1]['CloudFront-Key-Pair-Id'],
httponly=False, domain="shofitv.com")
print('here is the taco')
print(taco)
return taco
again you wont see cloudFront-Policy, CloudFront-Signature or CloudFront-Key-Pair-Id in my cookies. And the functionality that this is supposed to enable isn't working. These two show me the cookies aren't coming over. What is the situation?
As per my understanding I am doing everything correctly
I'm attempting to retrieve an authentication cookie from a POST sign-in request. When I send this request using Postman, I see the cookie's value in the Cookies tab of the response in Postman.
Postman Response Cookies
My current Lua script is as follows:
local signInUrl = webBaseUrl.."/signin"
local signInResponse = http.request({"POST", signInUrl, headers={
["Content-Type"]="application/x-www-form-urlencoded",
["Referer"] = baseUrl}, data="UrlHash=&UserName="..username.."&Password=123&RememberMe=false", auto_decompress=true})
for i,v in pairs(signInResponse.cookies) do print(i,v) end
Printing out the value of the cookies returns a sessionId cookie and a return email cookie, but not the authentication cookie that I'm looking for.
I can see that the authentication cookie that I'm looking for is actually located in the Request Headers, in the Postman Console.
Postman Console
How would I go about getting the value of this cookie?
How do I open a Python Requests session in my browser? I have worked my way through a website using GETS and POSTS, and after doing so I want to open up the URL with all of the information I've sent to the website already sent.
Your information if mainly stored in your cookies. So you can import you cookies which stored in you session to a browser to open the url.
from requests.utils import dict_from_cookiejar
cookies = dict_from_cookiejar(s.cookies) # s is your session object
then open your browser(like chrome) with your cookies
driver = webdriver.Chrome()
# set browser cookies
for key, value in cookies.items():
driver.add_cookie({'name': key, 'value': value}) # TODO: may be "domain" would also be needed?
I am added a cookie key-value paire in firefox using firebug.
myid:12345
And get cookie from server like this:
var ccnid = CookieUtil.GetValue("myid");
Response.Write("myid:"+myid);
Response.End();
My website url like this:http://192.168.1.222:8889.
When set cookie domain like this:http://192.168.1.222. i browser the url:http://192.168.1.222:8889, the response is:myid:123456.
When set cookie domain like this:http://192.168.1.222:8889. i browser the url:http://192.168.1.222:8889, the response is:myid:.
Why could this happen?The domain:http://192.168.1.222:8889 could not access http://192.168.1.222:8889?
Just remove the port like this:http://192.168.1.222so your browser could read it,the cookie is having relationship with domain name,not ip+port.
Currently, I have an HTML page that sends a POST request to a Python server with login details. The Python server verifies the login and then sends back a cookie via headers (I'm using the Cookie class built into the Python library). I want to redirect as soon as I get a 200 OK status. The issue is that the cookies are not being set quickly enough, so the redirect happens before the cookies are set and thus the check_login page will display that I have not logged in.
I want the browser to store an HTTPOnly cookie. Is there something in the XMLHttpRequest API that will let me redirect after the cookie has been stored, or an alternative method?
Thanks!
The HTTPRequest code:
var httpRequest = new XMLHttpRequest();
var url = 'http://localhost/login/';
httpRequest.onreadystatechange = function(){
if (httpRequest.readyState == 4) {
if(httpRequest.status == 200) {
window.location = "http://localhost/check_login/";
}
};
httpRequest.open("POST", url,false);
httpRequest.setRequestHeader("Content-type","application/x-www-form-urlencoded");
httpRequest.send(/*login details*/);
This request is called by clicking a button. If I go back to the page that this button is on and then click it again, I will always be logged in because the cookie was already set from the first click.