python - HTTPCookieProcessor 不需要cookie jar？

Question

在我看到的关于在 python 中使用 urllib2 存储 PHP 会话值和查看受保护网页的每个示例中，cookie jar ( cookielib.CookieJar()) 总是像这样传递：

import urllib2
from cookielib import CookieJar

cj = CookieJar()
opener = urllib2.build_opener(urllib2.HTTPCookieProcessor(cj))

有人正在使用此代码并完全删除了 cookiejar，但仍然能够使用此脚本查看受会话保护的网页：

import urllib
import urllib2

opener = urllib2.build_opener(urllib2.HTTPCookieProcessor())

formValues = {
    "username":"user",
    "password":"pass"
}
data = urllib.urlencode(formValues)
response = opener.open("http://jshawl.com/python-playground/login.php", data)
print response.read()
secure = opener.open("http://jshawl.com/python-playground/protected2.php")
print secure.read() # prints content that is only viewable if $_SESSION variable is correct.

在没有 cookie 罐的情况下如何存储 $_SESSION 变量？

score 0 · Accepted Answer

HTTPCookieProcessor 的构造函数的 cookie jar 参数的默认值为 None。在这种情况下，HTTPCookieProcessor 实例化一个新的空 cookie jar。

See also http://books.google.de/books?id=kQom0WiUbZQC&pg=PA438&lpg=PA438&dq=HTTPCookieProcessor&source=bl&ots=mrCFWZE_8q&sig=CEON7tOOalWEpePQsbVVa0XNzV0&hl=en&sa=X&ei=v9BNU4WtHpKkyAPZ3YGgDw&redir_esc=y#v=onepage&q=HTTPCookieProcessor&f=falsehttp://books. google.de/books?id=kQom0WiUbZQC&pg=PA438&lpg=PA438&dq=HTTPCookieProcessor&source=bl&ots=mrCFWZE_8q&sig=CEON7tOOalWEpePQsbVVa0XNzV0&hl=en&sa=X&ei=v9BNU4WtHpKkyAPZ3YGgfalseDw&redir_esc=yf#v=onepage

python - HTTPCookieProcessor 不需要cookie jar？

1 回答 1

Related

Reference