Problems with Cookies
Hey,
I have some issues with comitting a cookie.
First, autologin didn't work because the login-form is reloaded
dynamically by Google Web Toolkit.
So i tried to commit two cookies: For example PHPSESSIONID=12345
and SSOSESSIONID=ABCDE
I use the WebGui and used the option Http Cookies. My input
was
PHPSESSIONID=12345
SSOSESSIONID=ABCDE
The result is following http header: Cookie:=
So name and value are empty.
Then i used the option http request headers:
Cookie: PHPSESSIONID=12345
SSOSESSIONID=ABCDE
The result is:
Cookie: phpsessionid: 12345
Ssosessionid: ABCDE
But cookie-name is supposed to be case-sensitive and so it doesn't work.
Comments are currently closed for this discussion. You can start a new one.
Keyboard shortcuts
Generic
| ? | Show this help |
|---|---|
| ESC | Blurs the current field |
Comment Form
| r | Focus the comment reply box |
|---|---|
| ^ + ↩ | Submit the comment |
You can use Command ⌘ instead of Control ^ on Mac
Support Staff 1 Posted by Tasos Laskos on 08 May, 2015 12:28 PM
Hello,
The empty cookies in your first example is a bug, I fixed it and currently testing it.
When it comes to HTTP headers, the format of the
Cookievalue one needs to adhere to the RFC, in this casePHPSESSIONID=12345;SSOSESSIONID=ABCDE.The Arachni option to set the header would thus become:
Cookie=PHPSESSIONID=12345;SSOSESSIONID=ABCDEThe above will work fine and do what you want so you can bypass the aforementioned bug,
Maybe I should change the HTTP headers option to accept raw headers in the future in full RFC format instead.
Let me know if that solves your problem.
Cheers
2 Posted by Marco Eberl on 08 May, 2015 01:19 PM
Hey,
Thanks for your reply. That solved it :)
Support Staff 3 Posted by Tasos Laskos on 08 May, 2015 01:54 PM
Good to hear, the fix has been pushed to the experimental branch of the Framework.
Cheers
Tasos Laskos closed this discussion on 08 May, 2015 01:54 PM.