Log in

No account? Create an account
Request for information. - LiveJournal Client Discussions — LiveJournal [entries|archive|friends|userinfo]
LiveJournal Client Discussions

[ userinfo | livejournal userinfo ]
[ archive | journal archive ]

Request for information. [Mar. 14th, 2002|04:06 pm]
LiveJournal Client Discussions
[mood |determineddetermined]

I'm working on my client...

What needs to be sent to the web server (www.livejournal.com:80) for the server to return the cookie information (ljuser and ljhpass)?

Then how is this cookie info sent back to the server so that the server knows we have been logged in?

Thanks in advance! :-)

From: tribelessnomad
2002-03-14 05:15 pm (UTC)

Cookie protocol

You would need to send an HTTP POST request (syntax at www.w3.org/Protocols/rfc2616/rfc2616-sec5.html) containing the same data that a browser would collect from LiveJournal's login.bml form. The MIME type for that data is application/x-www-form-urlencoded, which is defined in the Form submission section of the HTML spec.

When you parse the HTTP response (syntax at www.w3.org/Protocols/rfc2616/rfc2616-sec6.html), look for a Set-Cookie header. Cookie-related headers are documented in various places; I'm not sure which is the "official" spec (if there is one), so I'll list several:


Those documents also explain how to send a Cookie header in subsequent HTTP requests, so that the server knows your client has logged in. Be careful to protect the user's security. For example, it's important that cookies are sent back only to the site that set them in the first place. There's more to it than that, and people's passwords are at stake, so if you don't want to be LJ's most unpopular developer, you'll take some time to research the security considerations before releasing a cookie-based client.

(Reply) (Thread)