reddit.clj icon indicating copy to clipboard operation
reddit.clj copied to clipboard
verified publisher icon sunng87

login fails b/c of malformed cookie

Open legendarylarry opened this issue 11 years ago • 5 comments 

(ns haiku.bot
    (:require [reddit.clj.core :as reddit]))

(def rc (reddit/login "username" "password"))

WARNING: Invalid cookie header: "set-cookie: secure_session=; Domain=reddit.com; Max-Age=-1408921027; Path=/; expires=Thu, 01-Jan-1970 00:00:01 GMT; HttpOnly". Negative max-age attribute: -1408921027 Exception in thread "main" org.apache.http.cookie.MalformedCookieException: Negative max-age attribute: -1408921027, compiling:(reddit.clj:5:9) [...] Caused by: org.apache.http.cookie.MalformedCookieException: Negative max-age attribute: -1408921027

legendarylarry avatar Aug 24 '14 23:08 legendarylarry

FWIW clj-http defaults to BrowserCompatSpec for cookie policy. They added the ability to change it, and I tried various alternatives ( IgnoreSpec, BestMatchSpec, etc ) but no success handling the negative max age.

I ended up hacking clj_http/cookies.clj to diddle the returned cookie to replace the max-age value with something acceptable. I'm not sure this can be fixed in reddit.clj b/c the exception/crash happens in clj-http.

Although maybe we could add something to catch the MalformedCookieException in reddit.clj/core and do the hack there, I'm not sure.

legendarylarry avatar Aug 28 '14 05:08 legendarylarry

hmm, perhaps we need to parse the cookie as http header, manually.

sunng87 avatar Aug 28 '14 10:08 sunng87

They hardly allow you to change the cookie policy. They let you change the validate function on BrowserCompatSpec and that's it. This error is coming out of the parse function.

I might put in an issue with clj-http to allow deeper configuration of the cookie policy. It's silly to have an option for "cookie-policy" that only lets you override one function.

SirBraneDamuj avatar Oct 15 '14 17:10 SirBraneDamuj

So what's the workaround for this? I am getting a full error, it's not just a warning:

1. Caused by org.apache.http.cookie.MalformedCookieException
   Negative max-age attribute: -1414022996

       BasicMaxAgeHandler.java:   63  org.apache.http.impl.cookie.BasicMaxAgeHandler/parse
           CookieSpecBase.java:   93  org.apache.http.impl.cookie.CookieSpecBase/parse
        BrowserCompatSpec.java:  145  org.apache.http.impl.cookie.BrowserCompatSpec/parse
                   cookies.clj:   65  clj-http.cookies/decode-cookie
                      core.clj: 2557  clojure.core/map/fn
                  LazySeq.java:   40  clojure.lang.LazySeq/sval
                  LazySeq.java:   49  clojure.lang.LazySeq/seq
                       RT.java:  484  clojure.lang.RT/seq
                      core.clj:  133  clojure.core/seq
                 protocols.clj:   30  clojure.core.protocols/seq-reduce
                 protocols.clj:   54  clojure.core.protocols/fn
                 protocols.clj:   13  clojure.core.protocols/fn/G
                      core.clj: 6289  clojure.core/reduce
                   cookies.clj:   80  clj-http.cookies/decode-cookies
                   cookies.clj:   87  clj-http.cookies/decode-cookie-header
                   cookies.clj:  117  clj-http.cookies/wrap-cookies/fn
                   cookies.clj:  141  clj-http.cookies/wrap-cookie-store/fn
                     links.clj:   50  clj-http.links/wrap-links/fn
                    client.clj:  448  clj-http.client/wrap-unknown-host/fn
                    client.clj:  549  clj-http.client/post
                   RestFn.java:  423  clojure.lang.RestFn/invoke
                    client.clj:   30  reddit.clj.client/urlpost
                    client.clj:   92  reddit.clj.client/login
                      core.clj:  183  reddit.clj.core/login
                      AFn.java:  156  clojure.lang.AFn/applyToHelper
                      AFn.java:  144  clojure.lang.AFn/applyTo
                 Compiler.java: 3553  clojure.lang.Compiler$InvokeExpr/eval
                 Compiler.java:  417  clojure.lang.Compiler$DefExpr/eval
                 Compiler.java: 6708  clojure.lang.Compiler/eval
                 Compiler.java: 7130  clojure.lang.Compiler/load
                          REPL:    1  user/eval5208
                 Compiler.java: 6703  clojure.lang.Compiler/eval
                 Compiler.java: 6666  clojure.lang.Compiler/eval
                      core.clj: 2927  clojure.core/eval
                      main.clj:  239  clojure.main/repl/read-eval-print/fn
                      main.clj:  239  clojure.main/repl/read-eval-print
                      main.clj:  257  clojure.main/repl/fn
                      main.clj:  257  clojure.main/repl
                   RestFn.java: 1523  clojure.lang.RestFn/invoke
        interruptible_eval.clj:   67  clojure.tools.nrepl.middleware.interruptible-eval/evaluate/fn
                      AFn.java:  152  clojure.lang.AFn/applyToHelper
                      AFn.java:  144  clojure.lang.AFn/applyTo
                      core.clj:  624  clojure.core/apply
                      core.clj: 1862  clojure.core/with-bindings*
                   RestFn.java:  425  clojure.lang.RestFn/invoke
        interruptible_eval.clj:   51  clojure.tools.nrepl.middleware.interruptible-eval/evaluate
        interruptible_eval.clj:  183  clojure.tools.nrepl.middleware.interruptible-eval/interruptible-eval/fn/fn
        interruptible_eval.clj:  152  clojure.tools.nrepl.middleware.interruptible-eval/run-next/fn
                      AFn.java:   22  clojure.lang.AFn/run
       ThreadPoolExecutor.java: 1145  java.util.concurrent.ThreadPoolExecutor/runWorker
       ThreadPoolExecutor.java:  615  java.util.concurrent.ThreadPoolExecutor$Worker/run
                   Thread.java:  745  java.lang.Thread/run

vspinu avatar Oct 23 '14 00:10 vspinu

I will take a look.

We can also press the issue with reddit, since afaict negative max-age violates RFC2109, though I'm not sure how responsive they are.

legendarylarry avatar Oct 23 '14 01:10 legendarylarry