I have a simple mobile app in Titanium that I'm using to debug the ability to log into our user system.
At the moment, I cannot seem to see the Set-Cookie response header as it's always returned as null.
I'm currently using Titanium SDK 1.7.5 (1.8 is horribly broken).
My code is very simple, a text book example of using the HTTPClient:
var loginReq = Titanium.Network.createHTTPClient();
var url = 'https://auth.csu.edu.au/login/login.pl';
var targetURL = 'http://my.csu.edu.au'
loginButton.addEventListener('click',function(e)
{
if (username.value != '' && password.value != '')
{
loginReq.open('POST', url);
Ti.API.info('Sending HTTP Request.');
var params = {
username: username.value,
password: password.value,
url: targetURL
}
loginReq.send(params);
}
else {
alert("Username/Password are required");
}
});
loginReq.onload = function() {
var cookie = loginReq.getResponseHeader('Set-Cookie');
Ti.API.info('Response Status: ' + loginReq.status);
Ti.API.info('Response Header - Cookie: ' + cookie);
Ti.API.info('Response Header - Location: ' + loginReq.getLocation());
if (Ti.Platform.osname !== 'android')
Ti.API.info('Headers: ' + JSON.stringify(loginReq.getResponseHeaders()));
var f = Titanium.Filesystem.getFile(Titanium.Filesystem.applicationDataDirectory,'test.html');
f.write(this.responseText);
var webview = Ti.UI.createWebView();
webview.url = f.nativePath;
var newWindow = Ti.UI.createWindow();
newWindow.add(webview);
newWindow.open({modal:true});
};
The output is as follows:
[INFO] Sending HTTP Request.
[INFO] Response Status: 200
[INFO] Response Header - Cookie: null
[INFO] Response Header - Location: https://auth.csu.edu.au/login/login.pl?redirect=true&url=http%3a%2f%2fmy%2ecsu%2eedu%2eau
[INFO] Headers: {"Connection":"Keep-Alive","Transfer-Encoding":"Identity","Keep-Alive":"timeout=5, max=99","Content-Type":"text/html","Server":"Apache/2.2.14 (Unix) DAV/2 mod_ssl/2.2.14 OpenSSL/0.9.7d mod_apreq2-20051231/2.6.0 mod_perl/2.0.4 Perl/v5.8.4","Date":"Thu, 02 Feb 2012 01:45:29 GMT"}
I'm just going around and around in circles as I can't seem to see what is exactly wrong here. What confuses me is that HTTPClient.getResponseHeaders() is not even documented (Titanium.Network.HTTPClient-object.html) - and doesn't work for Android.
I know there must be something there because the webview displays the authenticated page fine (you can't get there unless you're authorised + cookie).
How can I get a full list of the headers to make sure I'm getting all the headers I'm supposed to?
I've found the answer to my own question.
What I have in my code to return all headers is correct. Using HTTPClient.getResponseHeaders() is the correct method for iOS and HTTPClient.getAllResponseHeaders() for Android (no idea why there's two different ways - that could be a question for another day).
The reason I'm not seeing the cookie header is because of a bug in Titanium 1.7.5 (and still exists in 1.8.1). It's not forwarding on the cookie on a 302 redirect.
Jiras on the issues: