UrlFetchApp.fetch(url,opt) can only send one cookie to a redirected page (Location header) [36754794]

Can't Repro

Bug

Status Update

No update yet.

Description

ma...@gmail.com

created issue #1

Apr 16, 2012 02:30PM

What steps will reproduce the problem?
1. Use UrlFetchApp.fetch() for a POST request.
2. Server responds with Location + 2 cookies:
Location:

https://www.same-server.com/redirected_page.html
Set-Cookie:PHPSESSID=c5236...
Set-Cookie:ticket=e1c77...
3. Google automatically requests the page from the redirected location,
but only sends one of the received cookie to the server.
4. The web server is confused and strange things happen ...
5. Example script:
________________________________________________________________________

function tst_followPageLogin() {
// to test this, you have to register at

followthatpage.com and
// put your login/pasword in line 10+11.
var url = "

https://www.followthatpage.com/";
var options = {}; // for UrlFetchApp.fetch
options.headers = {};
options.headers.Referer = "

https://www.followthatpage.com/login";
options.method = "post";
options.payload = "_qf__login=&action=login&remember_password=1"+
"&email=" + fixedEncodeURIComponent("my-email@...com") +
"&password=" + fixedEncodeURIComponent("my-password");

Logger.log("UrlFetchApp.fetch('" + url + "', " + options.toSource());

var response = UrlFetchApp.fetch(url, options);
// => Exception "Too many redirects:

https://www.followthatpage.com/list_pages"
// (with incorrect login, simply returns "... Password is not correct...")

Logger.log("Web Page:\n" + response.getContentText());
return;
}

function fixedEncodeURIComponent (str) {
// used to escape POST data
return encodeURIComponent(str).replace(/!/g, '%21').replace(/'/g, '%27').
replace(/\(/g, '%28').replace(/\)/g, '%29').replace(/\*/g, '%2A');
}
________________________________________________________________________

What is the expected output? What do you see instead?

I expect that google sends both cookies to the redirected page, and then fetch()
returns the content of the redirected page (after successful the login).

Instead It seems that in the above example there is an infinite loop of redirects,
as the server doesn't receive the expected cookie (fyi - this is only my assumption).
Tests with another web login page produced the result "Your browser doesn't support cookies".

On which browser & OS?

Firefox 11 on Win XP.

Please provide any additional information below.

There's another problem with Cookies and redirects, filed as

Issue 36755050

: HTTPResponse.getAllHeaders() can't get Set-Cookie header in a response
which forwards to a new Location.

http://code.google.com/p/google-apps-script-issues/issues/detail?id=1253

In order to solve both problems, I suggest this very simple approach:
For the method UrlFetchApp.fetch(url, optAdvancedArgs), support an optional
boolean argument "ignoreLocation / dontFollowLocation / dontRedirect".
If provided, the fetch() function shall *not* perform a 2nd request to the redirected
Location:, and instead return the header of the 1st response. This way, the user
has access to all cookies and can request the forwarded page on his own.

Comments

mr...@gmail.com <mr...@gmail.com> #2May 18, 2012 02:38PM

Seems to be related to

http://code.google.com/p/google-apps-script-issues/issues/detail?id=559

ma...@gmail.com <ma...@gmail.com> #3May 18, 2012 03:12PM

Issue 36753169

has been solved and is working fine. The only relationship with this issue might be, that google internally isn't using the new function getAllHeaders() to handle more than one cookie. Unfortunately there's currently no way at all that a script programmer can read any of the received cookies :-(

tc...@gmail.com <tc...@gmail.com> #4Jun 26, 2012 03:35PM

I think the issue is that GAS UrlFetchApp used with POST method does not allow any redirection.

"Too many redirects" is the exception I always get when I try to log in a website whose authentification method requests POST and that replies with at least one redirection (302 Moved Temporarilly).

As a summary, UrlFetchApp using POST method to any website that replies 302 code is impossible using GAS.

This is a real issue.

ko...@gmail.com <ko...@gmail.com> #5Aug 22, 2012 08:13PM

Status: Won't Fix (Not Reproducible)

I tried to reproduce this error but was unable to. In my tests all of the cookies are correctly forwarded on to the server after a redirect, even with a post.

ma...@gmail.com <ma...@gmail.com> #6Aug 22, 2012 11:11PM

Have you tried the example script?
Using my login/pwd, I still get the error "Too many redirects".
It's quite easy to register on the site, so that you can test it by yourself (takes less than 30 sec).

tc...@gmail.com <tc...@gmail.com> #7Aug 23, 2012 01:02PM

I tested redirection with POST and I can tell it does not respond with "too many redirect" anymore.
But I tested martin's case and he is rigth, something is going wrong with redirection and cookies.

I guess the cookie that the first page responds with is not forwarded by GAS to the second page.
Once the

Issue 36752903

will be solved, the current issue will be solved too.

ko...@gmail.com <ko...@gmail.com> #8Aug 23, 2012 02:30PM

@martin, there may still be a problem with your script, but from what I can tell the problem is not that only one cookie is forwarded. As @tcblueefficience said, it may be related to

issue 36752903

ek...@google.com <ek...@google.com> Apr 5, 2017 02:03PM

Reassigned to ek...@google.com.