Cookie format and read/write

Source: Internet
Author: User

1. Cookie file format:

Cookie files are a set of TXT files in the operating system's cookies directory. The file name format is:
<user name>@<domain name><number>.txt
That is, the same domain may have multiple cookie files:
Elf@sohu1_12.16.txt
Elf@sohu%2%.txt
Elf@sohu%3%.txt
The meaning of the number in the file name is unknown. In practice, when you browse a web page, the browser locates the file through index.dat in the cookies directory and then finds the corresponding cookie field value.

The cookie file is in UNIX format: lines end with a line feed (0x0a) only, without a carriage return (0x0d). Fields in each cookie file are separated by "*". Each field contains eight lines of information:

_ntes_nnid // field name
456f74e9863f8f4b1a1e37774b0c464d, 0 // field value
163.com // the domain to which the field belongs
3584 // flag
3205176064 // expiration time (low)
37425091 // expiration time (high)
2444768976 // creation time (low)
30082544 // creation time (high)

The expiration time and creation time are FILETIME values; the low and high parts must be converted to hexadecimal and then combined. The flag carries security information, such as whether the cookie is HTTPOnly (detailed later).

2. Reading and writing cookies with the WinINet API

For non-browser clients that want to read and write cookies, the following functions are available:

  1. InternetGetCookie
  2. InternetSetCookie
  3. InternetGetCookieEx
  4. InternetSetCookieEx

For the meaning of the parameters, see MSDN. Note the following:

1) The lpszCookieName parameter (the cookie field name) of these four functions is generally passed as null rather than as a field name as MSDN describes; otherwise the call may fail. On get, if null is passed, a string of the form "name1=value1; name2=value2; ..." is returned. You can parse this string, but information such as the flag and expiration time is lost. On set, null is passed and the other information (field name, value, expiration time and so on) is written into lpszCookieData in a fixed format:

my_name=my_value; Path=/; expires=Sun, 18 Jan 2038 00:00:00 GMT; domain=.sohu.com; HTTPOnly

Note: in the string above, the time format is "day-month-year hour:minute:second".

If the name is set to null, a curious thing happens: only the cookie set last is kept, and the previously inserted cookie is overwritten, because null is itself treated as an lpszCookieName. This is why people often ask why InternetSetCookie can only insert one cookie. So lpszCookieName does still need to be used. Of course, if you only set one cookie you do not need it, and that is the safer choice; however, I think it is more correct to follow the Microsoft documentation. If you want to set multiple cookies, lpszCookieName must be passed as follows:

// Each call passes its own field name in lpszCookieName.
CString cookie = "1; Path=/; expires=Sun, 18 Jan 2038 00:00:00 GMT; domain=test.com";
InternetSetCookie("http://test.com", "test1", cookie);

cookie = "2; Path=/; expires=Sun, 18 Jan 2038 00:00:00 GMT; domain=test.com";
InternetSetCookie("http://test.com", "Test2", cookie);

The content of the inserted cookie file is as follows:

Test1
1
Test.com/
0
2350186496
32111674
3484819392
30224948
*
Test2
2
Test.com/
0
2350186496
32111674
3484819392
30224948
*

We can see that the data has been inserted successfully. Note that the third parameter of InternetSetCookie, lpszCookieData, is not a bare value but a string of the form my_value; Path=/; expires=Sun, 18 Jan 2038 00:00:00 GMT; domain=.test.com. The easiest mistake to make is to write:

// Incorrect: lpszCookieData carries only the value, with no path, expiration or domain.
CString cookie = "1";
InternetSetCookie("http://test.com", "test1", cookie);

cookie = "2";
InternetSetCookie("http://test.com", "Test2", cookie);

This does not insert the cookies, because the cookie format requires a domain and a validity period. The format must therefore be complete.

2) On get, if the lpszUrl parameter is a first-level domain name, the qualifying cookies under all of its second-level domain names and subdirectories are returned as well. If lpszUrl is a second-level domain name, the qualifying cookies under all of its subdirectories are returned as well. For example, http://sohu.com also returns the cookies under http://bai.sohu.com.

3) On Vista and Windows 7 with IE7 or IE8, IE Protected Mode is enabled by default. In that case the cookies IE reads and writes are not in the cookies directory but in the low directory beneath it. Which directory a client reads cookies from depends on the permissions of the client process: a process with normal permissions uses the cookies directory, and a process with restricted (low) permissions uses the low directory. If the process was started with normal permissions and you want the cookies in the low directory, you need to start another process with low permissions and have that child process read them:

#include <windows.h>
#include <sddl.h>   // ConvertStringSidToSid, SDDL_ML_LOW

// Start szCmd as a child process running at low integrity level.
// The function name is assumed; the original listing begins at the opening brace.
BOOL RunAtLowIntegrity(LPTSTR szCmd, BOOL bWait)
{
    HANDLE hProcess = GetCurrentProcess();
    HANDLE hToken = NULL, hTokenNew = NULL;
    PSID pIntegritySid = NULL;
    TOKEN_MANDATORY_LABEL tml = {0};
    PROCESS_INFORMATION procInfo = {0};
    STARTUPINFO startupInfo = {0};
    BOOL bRes = FALSE;

    startupInfo.cb = sizeof(startupInfo);
    if (!ImpersonateSelf(SecurityImpersonation)) {
        return FALSE;
    }
    // Specify low permissions:
    if (!ConvertStringSidToSid(SDDL_ML_LOW, &pIntegritySid)) {
        RevertToSelf();
        return FALSE;
    }
    if (OpenProcessToken(hProcess, MAXIMUM_ALLOWED, &hToken)) {
        if (DuplicateTokenEx(hToken, MAXIMUM_ALLOWED, NULL, SecurityImpersonation, TokenPrimary, &hTokenNew)) {
            tml.Label.Attributes = SE_GROUP_INTEGRITY | SE_GROUP_INTEGRITY_ENABLED;
            tml.Label.Sid = pIntegritySid;
            if (SetTokenInformation(hTokenNew, TokenIntegrityLevel, &tml,
                    sizeof(TOKEN_MANDATORY_LABEL) + GetLengthSid(pIntegritySid))) {
                if (CreateProcessAsUser(hTokenNew, NULL, szCmd, NULL, NULL, FALSE, 0, NULL, NULL, &startupInfo, &procInfo)) {
                    bRes = TRUE;
                    // Wait only when the child was actually created.
                    if (bWait) {
                        WaitForSingleObject(procInfo.hProcess, 10 * 1000);
                    }
                    CloseHandle(procInfo.hThread);
                    CloseHandle(procInfo.hProcess);
                }
            }
            CloseHandle(hTokenNew);
        }
        CloseHandle(hToken);
    }
    LocalFree(pIntegritySid);   // SID buffer allocated by ConvertStringSidToSid
    RevertToSelf();             // undo ImpersonateSelf
    return bRes;
}


4) In IE7 and later, cookies have an HTTPOnly attribute with the value 0x2000. This is a security flag: if a cookie field has this attribute (bit 0x2000 is set in the flag), web scripts cannot read the field, and it exists only in the HTTP request header. For clients:
In IE6 or IE7 environments: the client cannot obtain the value of this field through InternetGetCookie. It can only read the cookie file text and parse it manually (see Part 1, cookie file format).
In an IE8 environment: the client can obtain this field value through InternetGetCookieEx with 0x2000 included in the dwFlags parameter.
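
The eight-line record layout from Part 1 and the 0x2000 HTTPOnly flag from note 4, as an added example that is not code from the original article: a portable C++ parser that splits the text of a cookie file into records, joins the low/high halves into a FILETIME and tests the flag. The struct and function names are chosen here for illustration, and the second and third sample records are constructed.

```cpp
#include <cstdint>
#include <cstdio>
#include <exception>
#include <sstream>
#include <string>
#include <vector>

// One record of the text cookie file: eight lines, then a "*" separator line.
struct CookieRecord {
    std::string name, value, domain_path;
    uint32_t flags = 0;
    uint64_t expires_ft = 0, created_ft = 0;  // FILETIME: 100 ns ticks since 1601-01-01 UTC
    bool http_only() const { return (flags & 0x2000u) != 0; }  // flag value from note 4
};
// Join the two decimal halves stored in the file into one 64-bit FILETIME.
uint64_t combine_filetime(uint32_t low, uint32_t high) { return (static_cast<uint64_t>(high) << 32) | low; }
// FILETIME -> Unix seconds (11644473600 s separate 1601-01-01 from 1970-01-01).
int64_t filetime_to_unix(uint64_t ft) { return static_cast<int64_t>(ft / 10000000ULL) - 11644473600LL; }

// Parse LF-separated text; records that are not exactly eight lines or have non-numeric fields are skipped.
std::vector<CookieRecord> parse_cookie_file(const std::string& text) {
    std::vector<CookieRecord> out;
    std::vector<std::string> lines;
    std::istringstream in(text);
    for (std::string l; std::getline(in, l);) {
        if (l != "*") { lines.push_back(l); continue; }
        if (lines.size() == 8) {
            auto num = [&](int i) { return static_cast<uint32_t>(std::stoull(lines[i])); };
            try {
                CookieRecord r;
                r.name = lines[0]; r.value = lines[1]; r.domain_path = lines[2]; r.flags = num(3);
                r.expires_ft = combine_filetime(num(4), num(5));
                r.created_ft = combine_filetime(num(6), num(7));
                out.push_back(r);
            } catch (const std::exception&) {}  // bad number: drop this record only
        }
        lines.clear();
    }
    return out;
}

// Constructed sample: record 1 is the article's Test1 entry, record 2 sets flag 8192 (0x2000), record 3 is truncated.
const std::string kSample =
    "Test1\n1\nTest.com/\n0\n2350186496\n32111674\n3484819392\n30224948\n*\n"
    "sid\nabc\nTest.com/\n8192\n2350186496\n32111674\n3484819392\n30224948\n*\nbad\nx\n*\n";
int main() {
    for (const auto& r : parse_cookie_file(kSample))
        std::printf("%s %lld %d\n", r.name.c_str(), (long long)filetime_to_unix(r.expires_ft), r.http_only());
}
```

For the article's Test1 record the combined expiration FILETIME converts to 18 Jan 2038 00:00:00 GMT, the date passed to InternetSetCookie in the example above.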
