How to grab remote cookies and send them back to the browser

#1

Hello,

I am building a simple proxy between the client and webservers such as www.youtube.com .

I usually store the remote $http_response_header + the object locally to reduce the latency and everything seems fine.

I have a problem is that when open youtube.com and sign in then the proxy doesnot show that I am signed in . Does that mean because I am not saving cookies as well ?.

This is how I grab Response Headers & send them back to the browser :
[php]
$requested_cookie = $_COOKIE;
$ua= $_SERVER[‘HTTP_USER_AGENT’];
ini_set(‘user_agent’, $ua);
$md5_fname = md5($fname);
$filehead = $file_path."/HTTP_HEADER/".$md5_fname.".txt";
if (file_exists($filehead))
{

$handle = fopen($filehead, "r");
$contents = fread($handle, filesize($filehead));
$getCachedH = unserialize($contents);
fclose($handle);
foreach ($getCachedH as $cHead)
{
    $sendHead = $cHead;
    $getHead = strtoupper($cHead);
    //file_put_contents("$file_path/ghassan.txt", "\n $sendHead \n" ,FILE_APPEND);
    if ( preg_match('/CONTENT-LENGTH: (\d+)/i',$getHead,$clm) ) $content_length = $clm[1];
    if ( preg_match('/CONTENT-TYPE: ([\/\w\-\d]+)/i',$getHead,$ctm) ) $content_type = $ctm[1];
    if ( preg_match('/LOCATION: (.*)/i',$cHead,$lm) ) 
    {
        $header_location = $lm[1];
        header("Location: ".$header_location);
        exit;
    }
    if ( preg_match('/^HTTP\/1\.[01] (\d\d\d)/i', $getHead, $hcm ) ) 
    {
        $http_code = $hcm[1];

    }
    header($sendHead);
}

}
else
{
$opts = array(
‘http’=>array(
‘ignore_errors’=>“true”,
‘method’=>“GET”,
‘header’=>“Cookie: foo=bar\r\n”
)
);

    $context = stream_context_create($opts);
    $urlptr = fopen($_GET['url'],'rb', false, $context);
    $headers = $http_response_header;
    $http_code = $headers[0];
    if($http_code=="200")
    {
        // We grab the Response Headers and save them 
        file_put_contents($filehead, serialize($headers));
    }

    foreach ($headers as $response_header)
    {
        $sendHead = $response_header;
        $getHead = strtoupper($response_header);
        header($sendHead);
        if ( preg_match('/CONTENT-LENGTH: (\d+)/i',$getHead,$clm) ) $content_length = $clm[1];
        if ( preg_match('/CONTENT-TYPE: ([\/\w\-\d]+)/i',$getHead,$ctm) ) $content_type = $ctm[1];
        if ( preg_match('/LOCATION: (.*)/i',$sendHead,$lm) ) 
        {
            $header_location = $lm[1];
            header("Location: ".$header_location);
            exit;
        }
        if ( preg_match('/ACCEPT-RANGES: ([\w\d\-]+)/i',$getHead,$arm) ) $accept_ranges = $arm[1];
        if ( preg_match('/^HTTP\/1\.[01] (\d\d\d)/i', $getHead, $hcm ) ) 
        {
            $http_code = $hcm[1];
        } 

     }

}
[/php]

Can you please help me by providing an example code how to grab cookies and send them back to the browser as I dont know how to send cookies back to the browser .

This is the response header for Youtube :

HTTP/1.0 200 OK
Date: Tue, 03 Dec 2013 17:46:52 GMT
Server: gwiseguy/2.0
P3P: CP=“This is not a P3P policy! See http://support.google.com/accounts/bin/
answer.py?answer=151657&hl=en-US for more info.”
X-Content-Type-Options: nosniff
Content-Type: text/html; charset=utf-8
Expires: Tue, 27 Apr 1971 19:44:06 EST
X-XSS-Protection: 1; mode=block; report=https://www.google.com/appserve/securi
ty-bugs/log/youtube
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
Alternate-Protocol: 80:quic
Connection: close
Set-Cookie: YSC=B12AvSb7Tps; path=/; domain=.youtube.com; httponly
Set-Cookie: VISITOR_INFO1_LIVE=Hc-7JHrBFjA; path=/; domain=.youtube.com; expir
es=Mon, 04-Aug-2014 05:39:51 GMT

Regards,
Ghassan

#2

@ghassan

I know I’m not answering you question directly, but I think I can help you understand if your browser is saving the cookies…

If you use the Chrome browser their is an extentsion you can install called cookie manager.

This will show you all the cookies the current webpage has access to and allow you to manipulate the cookie by changing the values inside it…

I use it a lot…

If you don’t use chrome, you should get it, it’s the best browser to use when you code, with it’s inspect HTML feature.

#3

Hi again,

Thanks for replying. I am already using Chrome.

I already solved my problem yesterday .

My problem was that I am already sending the header Set-Cookie to the browser as a proxy , but I wasnt adding cookies that was captured from the browser $_COOKIE with fopen() while opening websites and this seems to solve all th eabove problems and many more .

My problem was solved .

Regards,
Ghassan