- Home /
WWW and cookies/login
I'm trying to make an interface for a browser-based game. I need to be able to have the user log in, which if I'm not mistaken means I need to send a cookie with the WWW request. I don't see a way for that to be done. Am I missing it, or is it not possible with the WWW class?
Answer by Bunny83 · May 20, 2012 at 07:32 PM
You can use the responseHeaders of the WWW class. It is still undocumented. It's simply a Hashtable / Dictionary of all header fields from the last response. Keep in mind that webservers don't send a "Set-Cookie" header when you passed the cookie in the request header. For the request headers you have to use the third version of the WWW constructor, which you can find at the bottom of this page.
So when you send your login POST request without a "Cookie" header, the Webserver should include a SetCookie header with your session ID. Next time you send a request you would include a "Cookie" header in your request. The response usually don't include another Set-Cookie since the server knows you have the cookie.
For more information see Cookie.
O$$anonymous$$, thanks, that works so far. It gives me a session ID.
How do I pass the cookie with the header? WWWForm.headers is readonly, which makes this not work:
WWWForm loginCookie = new WWWForm();
loginCookie.headers = loginQuery.responseHeaders;
Debug.Log("Loading game...");
WWW myGame = new WWW("http://www.conquerclub.com/game.php?game="+gameID, loginCookie);
I tried this (sessionID is a string that looks like: "PHPSESSID=fvcrj18e9b7hr4tlb91hv1mhj6" (using the data pulled out of loginQuery.responseHeaders)
WWWForm loginCookie = new WWWForm();
loginCookie.AddField("Cookie", sessionID);
Debug.Log("Loading game...");
WWW myGame = new WWW("http://www.conquerclub.com/game.php?game="+gameID, loginCookie);
But this gives me a WWW.error if "necessary data rewind wasn't possible"
If you need to use WWWForm, you have to combine the headers created by the WWWForm and add your additional ones and finally use the WWW constructor that takes 3 parameters:
WWWForm myPostData = new WWWForm();
myPostData.AddField("your user data", data);
Hashtable headers = myPostData.headers;
headers.Add("Cookie",sessionID);
WWW myGame = new WWW("http://www.conquerclub.com/game.php?game="+gameID, myPostData.data, headers);
If you actually don't need post data and just want to use a GET request pass null as post data.
Hashtable headers = new Hashtable();
headers.Add("Cookie",sessionID);
WWW myGame = new WWW("http://www.conquerclub.com/game.php?game="+gameID, null, headers);
Haven't tested or compiled it, just wrote it from scratch but should work that way.
Hmm, since the WWWForm.headers is a Hashtable (so it's a reference type) i guess you can just add your "Cookie" field and use the form directly as well. Read only means you can't set a new Hashtable to the property, but you can add fields to the hashtable itself.
WWWForm myPostData = new WWWForm();
myPostData.AddField("your user data", data);
myPostData.headers.Add("Cookie",sessionID);
WWW myGame = new WWW("http://www.conquerclub.com/game.php?game="+gameID, myPostData);
I'm trying to figure out how the hell the real webpage even knows what session it is. I assumed the page sent cookies in the request, but inspecting the request header in Safari (while logged in)....
Origin: http://www.conquerclub.com
Accept-Encoding: gzip, deflate
Accept-Language: en-us
User-Agent: $$anonymous$$ozilla/5.0 ($$anonymous$$acintosh; Intel $$anonymous$$ac OS X 10_7_3) AppleWeb$$anonymous$$it/534.55.3 ($$anonymous$$HT$$anonymous$$L, like Gecko) Version/5.1.5 Safari/534.55.3
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cache-Control: max-age=0
Referer: http://www.conquerclub.com/public.php?
mode=login&redirect=game.php%3Fgame%3D11087909
Nothing! I don't know a lot about the subject of HTTP and cookies and such... I have no idea how the CC webpage server knows that I'm me when I go there in the browser. Any ideas where else I could look?
I just registered myself on this site and i guess your problem is that the page uses several Set-Cookie headers.
The problem with multiple Set-Cookie headers is that Unity uses a Hashtable to store the response headers. Hashtables provide easy access to the headersfields, but each header can only exist once. If there are two or more Set-Cookie headers they overwrite themselves and only the last one will survive.
There is already a feature request on this issue
update
I've just checked what happens when i visit the page without any set cookie. At the first visit i get those:
Set-Cookie: referer=**my referer**; path=/
Set-Cookie: referer60=**my referer**; expires=Wed, 20-Jun-2012 01:50:00 G$$anonymous$$T; path=/
Set-Cookie: PHPSESSID=**my session ID**; path=/; HttpOnly
at once. Unity would discard two of them, usually it keeps the last one.
The only way around this is to not use the WWW class at all ;) Use the .NET classes
Answer by 6c1 · Apr 25, 2013 at 09:17 AM
This might not be what you're looking for, but if cookies will fit your purpose, you could use this to call a function in the HTML file in which your webplayer is embedded. Within that file, you could then write JS code similar to this to write/read a cookie.
Answer by fma · Oct 27, 2013 at 07:36 PM
We have similar problem as www merges all SET_COOKIEs in one pair. Sadly I can see all the cookies in the www.responceHeadersString but the variable is protected and the www.responceHeader's data has been corrupted. Any solutions? Your kind attention is highly appreciated guys.
Your answer
Follow this Question
Related Questions
sending values to server script 1 Answer
yield return WWW.text not downloading??? 1 Answer
Necessary Data Rewind Wasn't Possible WWWForm Error 0 Answers
WWW (webrequest)not working in windows8.1 app store build 0 Answers
help with the WWW Class 1 Answer