Skip to content

Stop sending cookies on HTTP requests#757

Open
jjjake wants to merge 1 commit into
masterfrom
stop-sending-cookies
Open

Stop sending cookies on HTTP requests#757
jjjake wants to merge 1 commit into
masterfrom
stop-sending-cookies

Conversation

@jjjake
Copy link
Copy Markdown
Owner

@jjjake jjjake commented Apr 2, 2026

Summary

  • Stop loading logged-in-user and logged-in-sig cookies into the requests.Session cookie jar in ArchiveSession.__init__
  • All auth uses S3Auth (Authorization: LOW header) — cookies were vestigial and sent on every *.archive.org request unnecessarily
  • Cookie values remain in self.config['cookies'] for self.user_email and ia configure --print-cookies

Test plan

  • ruff check passes
  • pytest — 251 passed, 0 failures
  • Manual: run redirect auth test script to confirm cookies show NONE on all hops

🤖 Generated with Claude Code

@jjjake @claude
Stop sending cookies on HTTP requests
1315c24 
All auth operations use S3Auth (Authorization: LOW header). The
logged-in-user and logged-in-sig cookies were loaded into the
requests.Session cookie jar and sent on every *.archive.org request,
but nothing on the server side or client side depends on them for
functionality.

This removes the cookie jar loading from ArchiveSession.__init__.
Cookie values remain accessible in self.config['cookies'] for:
- self.user_email (parsed from config dict, not the jar)
- `ia configure --print-cookies` (reads from config dict)

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@jjjake