Problems with Cookies

Marco Eberl's Avatar

Marco Eberl

08 May, 2015 09:18 AM


I have some issues with comitting a cookie.
First, autologin didn't work because the login-form is reloaded dynamically by Google Web Toolkit.
So i tried to commit two cookies: For example PHPSESSIONID=12345 and SSOSESSIONID=ABCDE

I use the WebGui and used the option Http Cookies. My input was


The result is following http header: Cookie:=
So name and value are empty.

Then i used the option http request headers:

Cookie: PHPSESSIONID=12345

The result is:

Cookie: phpsessionid: 12345
Ssosessionid: ABCDE

But cookie-name is supposed to be case-sensitive and so it doesn't work.

  1. Support Staff 1 Posted by Tasos Laskos on 08 May, 2015 12:28 PM

    Tasos Laskos's Avatar


    The empty cookies in your first example is a bug, I fixed it and currently testing it.

    When it comes to HTTP headers, the format of the Cookie value one needs to adhere to the RFC, in this case PHPSESSIONID=12345;SSOSESSIONID=ABCDE.

    The Arachni option to set the header would thus become: Cookie=PHPSESSIONID=12345;SSOSESSIONID=ABCDE

    The above will work fine and do what you want so you can bypass the aforementioned bug,

    Maybe I should change the HTTP headers option to accept raw headers in the future in full RFC format instead.

    Let me know if that solves your problem.


  2. 2 Posted by Marco Eberl on 08 May, 2015 01:19 PM

    Marco Eberl's Avatar

    Thanks for your reply. That solved it :)

  3. Support Staff 3 Posted by Tasos Laskos on 08 May, 2015 01:54 PM

    Tasos Laskos's Avatar

    Good to hear, the fix has been pushed to the experimental branch of the Framework.


  4. Tasos Laskos closed this discussion on 08 May, 2015 01:54 PM.

Comments are currently closed for this discussion. You can start a new one.

Keyboard shortcuts


? Show this help
ESC Blurs the current field

Comment Form

r Focus the comment reply box
^ + ↩ Submit the comment

You can use Command ⌘ instead of Control ^ on Mac