1--- 2c: Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al. 3SPDX-License-Identifier: curl 4Title: CURLOPT_COOKIELIST 5Section: 3 6Source: libcurl 7See-also: 8 - CURLINFO_COOKIELIST (3) 9 - CURLOPT_COOKIE (3) 10 - CURLOPT_COOKIEFILE (3) 11 - CURLOPT_COOKIEJAR (3) 12Protocol: 13 - HTTP 14--- 15 16# NAME 17 18CURLOPT_COOKIELIST - add to or manipulate cookies held in memory 19 20# SYNOPSIS 21 22~~~c 23#include <curl/curl.h> 24 25CURLcode curl_easy_setopt(CURL *handle, CURLOPT_COOKIELIST, 26 char *cookie); 27~~~ 28 29# DESCRIPTION 30 31Pass a char pointer to a *cookie* string. 32 33Such a cookie can be either a single line in Netscape / Mozilla format or just 34regular HTTP-style header (`Set-Cookie:`) format. This option also enables the 35cookie engine. This adds that single cookie to the internal cookie store. 36 37We strongly advice against loading cookies from an HTTP header file, as that 38is an inferior data exchange format. 39 40Exercise caution if you are using this option and multiple transfers may 41occur. If you use the `Set-Cookie` format and the string does not specify a 42domain, then the cookie is sent for any domain (even after redirects are 43followed) and cannot be modified by a server-set cookie. If a server sets a 44cookie of the same name (or maybe you have imported one) then both are sent on 45future transfers to that server, likely not what you intended. To address 46these issues set a domain in `Set-Cookie` (doing that includes subdomains) or 47much better: use the Netscape file format. 48 49Additionally, there are commands available that perform actions if you pass in 50these exact strings: 51 52## `ALL` 53 54erases all cookies held in memory 55 56## `SESS` 57 58erases all session cookies held in memory 59 60## `FLUSH` 61 62writes all known cookies to the file specified by CURLOPT_COOKIEJAR(3) 63 64## `RELOAD` 65 66loads all cookies from the files specified by CURLOPT_COOKIEFILE(3) 67 68# DEFAULT 69 70NULL 71 72# EXAMPLE 73 74~~~c 75/* an inline import of a cookie in Netscape format. */ 76 77#define SEP "\t" /* Tab separates the fields */ 78 79int main(void) 80{ 81 char *my_cookie = 82 "example.com" /* Hostname */ 83 SEP "FALSE" /* Include subdomains */ 84 SEP "/" /* Path */ 85 SEP "FALSE" /* Secure */ 86 SEP "0" /* Expiry in epoch time format. 0 == Session */ 87 SEP "foo" /* Name */ 88 SEP "bar"; /* Value */ 89 90 CURL *curl = curl_easy_init(); 91 if(curl) { 92 /* my_cookie is imported immediately via CURLOPT_COOKIELIST. */ 93 curl_easy_setopt(curl, CURLOPT_COOKIELIST, my_cookie); 94 95 /* The list of cookies in cookies.txt are not be imported until right 96 before a transfer is performed. Cookies in the list that have the same 97 hostname, path and name as in my_cookie are skipped. That is because 98 libcurl has already imported my_cookie and it's considered a "live" 99 cookie. A live cookie is not replaced by one read from a file. 100 */ 101 curl_easy_setopt(curl, CURLOPT_COOKIEFILE, "cookies.txt"); /* import */ 102 103 /* Cookies are exported after curl_easy_cleanup is called. The server 104 may have added, deleted or modified cookies by then. The cookies that 105 were skipped on import are not exported. 106 */ 107 curl_easy_setopt(curl, CURLOPT_COOKIEJAR, "cookies.txt"); /* export */ 108 109 curl_easy_perform(curl); /* cookies imported from cookies.txt */ 110 111 curl_easy_cleanup(curl); /* cookies exported to cookies.txt */ 112 } 113} 114~~~ 115 116# Cookie file format 117 118The cookie file format and general cookie concepts in curl are described 119online here: https://curl.se/docs/http-cookies.html 120 121# AVAILABILITY 122 123**ALL** was added in 7.14.1 124 125**SESS** was added in 7.15.4 126 127**FLUSH** was added in 7.17.1 128 129**RELOAD** was added in 7.39.0 130 131# RETURN VALUE 132 133Returns CURLE_OK if the option is supported, CURLE_UNKNOWN_OPTION if not, or 134CURLE_OUT_OF_MEMORY if there was insufficient heap space. 135