C#: Handling Cookies in a Series of HttpWebRequest and HttpWebResponse Sessions

28Jun09

I’ve always wanted to experiment with creating “sessions” on websites to mimic real users browsing and using a site, and I’ve finally gotten around to a project that involves this: my goal is to “wrap” an online database that is queried through a series of HTML forms, returns a map, and then allows you to open a popup with an HTML table outlining all the points displayed on the map. A formidable challenge, indeed, but in the awesome language of C#, no big deal.

To successfully establish a user session with a website, you must preserve the correct authentication and session cookies. The web database was built using ASP.NET, so I needed to make sure that I had an ASP.NET Session ID. One of the best ways to find out where cookies are sent to you is using an HTTP proxy to analyze requests and responses. The program of choice is called Fiddler, developed by Microsoft. (You can get the latest version at http://fiddler2.com/.) Unfortunately, I was forced to use Firefox to track packets because the old (straight out of 1997) interface  recognizes the new and revolutionary browser Google Chrome as being Safari 1.3 (how sad), and doesn’t allow you to use their database. and you must set special proxy settings in Firefox for Fiddler to function correctly. After visiting the site and filling out the series of HTML forms, I could see how the report page was functioning – it was using the ASP.NET Session ID along with referrer HTTP header attributes to  find the parameters of my original query and retrieve information from the database.

That might sound like an easy interface to hack, but the cookies are deceptive as you don’t exactly know when they are set. Fortunately, after scouring the internet for an hour or so, I happened to find out about the CookieContainer datatype (HttpWebRequest.CookieContainer). All you have to do to create a cookie “jar” that carries over from one HTTP session to another is writing the following code:

CookieContainer cookieJar = new CookieContainer();

var request = (HttpWebRequest)HttpWebRequest.Create("http://www.google.com");
request.CookieContainer = cookieJar;

Now you can access the cookies by looping through the CookieContainer in a simple foreach statement. To apply this cookie container to your next HttpWebRequest, all you have to do is:

 request.CookieContainer = cookieJar;

Yay!!!


Filed under: .NET, Feature, Programming   |  Leave a Comment
Tags: , , , , , , , , , ,