cls33 has asked for the wisdom of the Perl Monks concerning the following question:

I'm in the process of writing a transparent HTTP proxy in PERL.

Essentially I'd like this to sit between the web server and the app server and act as sort of a "2nd proxy" that provides a lot more detailed request manipulation logic than I can get out of the proxy modules in Apache or NGINX or something.

To start with, I've considered going with an existing module like HTTP::Proxy, or attempting to augment NGINX or Apache to accomplish this, but for a couple or reasons I'd rather not get into, I'd rather stick with writing my own, so lets just assume that's the way I need to go for the purposes of this discussion.

Essentially I'm "catching" the request via standard CGI, manipulating it and/or routing it based on some pretty obscure logic and then reformulating the request with LWP and then spitting the response back to the upstream webserver, which turns around and hands it to the browser... dumb I know, but this is a dumb situation. I have pretty much everything working, standard GET/POST requests, 302/301 redirects, etc... but the one place I'm having trouble that I can't figure out is how to pass cookies through this layer.

So if I have an app that is hidden behind a login screen, how do I pull the session cookie out of the standard HTTP::Response object I get when I post the login form and get that back to the browser?

Any ideas are *super* appreciated!!!!
  • Comment on Passing cookies through a PERL HTTP Proxy

Replies are listed 'Best First'.
Re: Passing cookies through a PERL HTTP Proxy
by MidLifeXis (Monsignor) on Apr 17, 2013 at 13:17 UTC

    Have you looked for prior art?

    --MidLifeXis

[reply]
Re: Passing cookies through a PERL HTTP Proxy
by Anonymous Monk on Apr 17, 2013 at 02:19 UTC

    Essentially I'm "catching" the request via standard CGI, .... but the one place I'm having trouble that I can't figure out is how to pass cookies through this layer.

    A cookie is just another header, but since it has fields like "domain", you may have to translate it -- the HTTP Proxy RFC should have the required details

    Are you running your "cgi" as nph? I think you need nph to make this work if its possible

[reply]
      I'm still missing something. I can pull the cookie out of the response header easily enough:
      my $CookieHeader = $response->header('Set-Cookie');

      But I'm not sure how to pass that back to the browser. Right now I send the response back like so: 

          if ($response->is_redirect)
        {        
        print $cgi->redirect(-uri=>$response->header('Location'),
                          -status=>$response->code
                          );
        }
    else
        {
        print $cgi->header($ResponseContentType);
        print $response->content;
                }

      [download]


      I guess I'm not sure how to use CGI to invoke Set-Cookie. I know it has a -cookie option, but I don't have a CGI cookie object, so I don't think that will work...redirect(-uri=
[reply]
[d/l]
[select]
[reply]

Back to Seekers of Perl Wisdom