I'm trying to create a PHP based application that allows students from my school to have a cleaner presentation of their grades.
My goal is to to remotely login to their server and retrieve and format the XML. However, their login system uses cookies. Now, I'm fairly familiar with cookies, but I'm having trouble finding a way to accept a cookie and send a remote login request that also sends the cookies set by their system.
I've tried a few ways of connecting: cURL, iFrames, AJAX, but none seem to accept and log/send the cookies.
The cookies are added to a user's browser just by visiting their site without logging in. I attempted to "catch" the header information, but I believe that's "cookie sniffing."
Is this even possible, and is it even allowed by the Same Origin policy?
Thanks in advance!
I suspect you will not be able to do what you want to do. If you are saying you want to be able to get the cookies out of their browser and have them sent to your PHP application (which is on a different domain) then use those cookies to log into their application remotely so that you can then relay info from their server back tot hem through yours, then no, definitely not. Same-origin exists explicitly to avoid that kind of stuff.
Imagine if that were possible. I could then write a web application that would harvest your gmail cookies, and log into your gmail remotely to do whatever I like.
If I am misunderstanding what you are trying to do, please let me know and I will update my answer.