Guzzle and the Empty Cookie

Recently I had to write an HTTP client to fetch some data from a remote website and parse it.

I ain’t a perl-fan, for this kind of problem I prefer PHP as development tool, so I was looking for some rock-solid PHP-framework that was:

  • object-oriented developed
  • able to manage an authentication (basic, digest, …)
  • capable to issue any HTTP method (GET, POST, DELETE, …)
  • (possibly) managed by composer

Googling around I found Guzzle, which meets all my requirements, makes use of Symfony’s event dispatcher (which I used in the past) and it’s also used by other well-known realities such as Drupal and Goutte.

Guzzle is ready-to-use, easy to setup and integrate with your project; by the way I spent half an afternoon analyzing the following scenario.

In its first response, the server sets the cookie FOO and, after the client successfully authenticates (basic authentication), the server clears the cookie FOO (assigning an empty value), along with creating a new one (BAR). From this moment, all requests sent by the client must not include the cookie FOO, but only BAR.

The problem is that the empty cookie FOO contained in the second server response is correctly discarded by Guzzle as it’s considered invalid, but Guzzle doesn’t check if there is already a cookie with the same name in the cookie jar.

Introducing the patch.

You can find the source here, the unit test and the merged pull request.