Maintaining session and cookies over a 302 redirect

StackOverflow https://stackoverflow.com//questions/21034087

  •  21-12-2019
  •  | 
  •  

Question

I am trying to make fetch a PDF file that gets generated on-demand behind an auth wall. Based on my testing, the flow is as follows:

I make a GET request with several parameters (including auth credentials) to the appropriate page. That page validates my credentials and then processes my request. When the request is finished processing (nearly instantly), I am sent a 302 response that redirects me to the location of the generated PDF. This PDF can then only be accessed by that session.

Using a browser, there's really nothing strange that happens. I attempted to do the same via curl and wget without any optional parameters, but those both failed. I was able to get curl working by adding -L -b /tmp/cookie.txt as options, though (to follow redirects and store cookies).

According to the ruby-doc, using Net::HTTP.start should get me close to what I want. After playing around with it, I was indeed fairly close. I believe the only issue, however, was that my Set-Cookie values were different between requests, even though they were using the same http object in the same start block.

I tried keeping it as simple as possible and then expanding once I got the results I was looking for:

url = URI.parse("http://dev.example.com:8888/path/to/page.jsp?option1=test1&option2=test2&username=user1&password=password1")

Net::HTTP.start(url.host, url.port) do |http|
    # Request the first URL
    first_req = Net::HTTP::Get.new url
    first_res = http.request first_req

    # Grab the 302 redirect location (it will always be relative like "../servlet/sendfile/result/543675843657843965743895642865273847328.pdf")
    redirect_loc = URI.parse(first_res['Location']

    # Request the PDF
    second_req = Net::HTTP::Get.new redirect_loc
    second_res = http.request first_req
end

I also attempted to use http.get instead of creating a new request each time, but still no luck.

Was it helpful?

Solution

The problem is with cookie: it should be passed within the second request. Smth like:

second_req = Net::HTTP::Get.new(uri.path, {'Cookie' => first_req['Set-Cookie']})
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top