Question

I'm using cURL and PHP to query an Exchange server that has Forms Based Authentication turned on. Due to FBA being on, I need to collect a user's cookie authentication IDs first. Yesterday everything was working; then something changed overnight and it stopped working. I noticed that the cookie IDs I was getting back were different (not the IDs themselves, because they change with every new call; rather, the format and other things changed).

I used to see this:

# Netscape HTTP Cookie File
# http://www.netscape.com/newsref/std/cookie_spec.html
# This file was generated by libcurl! Edit at your own risk.

sdgh.utest.edu  FALSE   /   FALSE   0   sessionid   aeddf34c-16fe-4126-8c96-da7a33d244b9
sdgh.utest.edu  FALSE   /   TRUE    0   cadata  "0x0zHQHA3o8Vcu/DK/MWp69xkkZAJkIMts3HrOeHc4a71GN0CbqnDLiadJfKfSsseiyyxkyyUhRQ="

And now I see this (notice the URL on the second line and the "#HttpOnly_" in front of the 2nd ID):

# Netscape HTTP Cookie File
# http://curl.haxx.se/rfc/cookie_spec.html
# This file was generated by libcurl! Edit at your own risk.

sdgh.utest.edu  FALSE   /   FALSE   0   sessionid   11358a02-233c-4425-8a83-6b8b69b21bcd
#HttpOnly_sdgh.utest.edu    FALSE   /   TRUE    0   cadata  "0FHKgxeq7st0DW57zl5HDgZ5gp7eRDqgfG6iAyxSf4TvyJI5aZI5wmPeiEHFloGo2bvH0fpnl52c="

Can anyone tell me what this sudden change indicates?
Did something change on my web server?
Could it be the exchange server that I'm querying?
Did someone update cURL on me behind my back overnight?
Also, I do not have automatic updates happening on my web server.

Does anyone think this even implies that cURL was updated? I didn't update it as far as I can tell. When/why does cURL or libcurl switch from http://www.netscape.com/newsref/std/cookie_spec.html
to this
http://curl.haxx.se/rfc/cookie_spec.html

Thanks for the help!


Solution

OK, here is an explanation for the #HttpOnly_ prefix: http://blog.php-security.org/archives/40-httpOnly-Cookies-in-Firefox-2.0.html

My understanding of the issue is that curl or libcurl was updated and that as a result, the server now sees it as a user-agent capable of dealing with #HttpOnly_ cookies.
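
Added example (not part of the original answer, and not code from curl or PHP itself): a PHP reader for the cookie jar format shown in the question. In libcurl's jar a line beginning with #HttpOnly_ is a cookie record whose HttpOnly attribute was set, not a comment, so a reader that skips every # line drops the cadata cookie. The helper name parse_cookie_jar and the sample host and values are constructed for illustration.

```php
<?php
// Added example: read a libcurl cookie jar without losing "#HttpOnly_" records.
const HTTPONLY_PREFIX = '#HttpOnly_';

/** Parse jar text into cookie records (hypothetical helper, not a curl or PHP API). */
function parse_cookie_jar(string $text): array
{
    $cookies = [];
    foreach (preg_split('/\r\n|\r|\n/', $text) as $line) {
        $httpOnly = strncmp($line, HTTPONLY_PREFIX, strlen(HTTPONLY_PREFIX)) === 0;
        if ($httpOnly) {
            // The prefix marks an HttpOnly cookie; strip it and parse the rest.
            $line = substr($line, strlen(HTTPONLY_PREFIX));
        } elseif ($line === '' || $line[0] === '#') {
            continue; // blank line or a genuine comment
        }
        // Seven tab-separated fields; the limit keeps any tab inside the value.
        $f = explode("\t", $line, 7);
        if (count($f) !== 7) {
            continue; // malformed record
        }
        $cookies[] = [
            'domain'             => $f[0],
            'include_subdomains' => $f[1] === 'TRUE',
            'path'               => $f[2],
            'secure'             => $f[3] === 'TRUE',
            'expires'            => (int) $f[4], // 0 means a session cookie
            'name'               => $f[5],
            'value'              => $f[6],
            'http_only'          => $httpOnly,
        ];
    }
    return $cookies;
}

// Constructed sample jar in the same layout as the question (tab-separated).
$jar = implode("\n", [
    '# Netscape HTTP Cookie File',
    '',
    "mail.example.test\tFALSE\t/\tFALSE\t0\tsessionid\tCONSTRUCTED-SESSION-ID",
    "#HttpOnly_mail.example.test\tFALSE\t/\tTRUE\t0\tcadata\t\"CONSTRUCTED-VALUE\"",
]);

// Print names and flags only; cookie values are credentials and stay out of logs.
foreach (parse_cookie_jar($jar) as $c) {
    printf("%s %s secure=%s httponly=%s\n", $c['domain'], $c['name'],
        $c['secure'] ? 'yes' : 'no', $c['http_only'] ? 'yes' : 'no');
}
```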

Licensed under: CC-BY-SA with attribution