This section provides a tutorial example of HTTP communication log of a single ASP session created with a Perl LWP testing program.
If you run it with "reg_client.pl > client.out" in a command window,
you will get the following in the window:
LWP::UserAgent::new: ()
LWP::UserAgent::request: ()
LWP::UserAgent::simple_request: GET http://localhost/reg_form.asp
LWP::UserAgent::_need_proxy: Not proxied
LWP::Protocol::http::request: ()
LWP::Protocol::http::request: GET /reg_form.asp HTTP/1.0
Host: localhost
User-Agent: libwww-perl/5.51
LWP::Protocol::http::request: reading response
LWP::Protocol::http::request: HTTP/1.1 200 OK
Server: Microsoft-IIS/5.0
Date: Sat, 28 Dec 2002 22:06:20 GMT
Connection: Keep-Alive
Content-Length: 383
Content-Type: text/html
Set-Cookie: ASPSESSIONIDQQGQQMCC=EFFFLMGAADIKNCGPKJDNHMCC; path=/
Cache-control: private
<html><body><b>Registration Form</b>:<br/><form action=reg_form.asp me
thod=get>First Name:<input type=text size=16 name=first_name><br/>Last
Name:<input type=text size=16 name=last_name><br/>Email:<input type=te
xt size=32 name=email><br/>URL:<input type=text size=32 name=url><br/>
<input type=submit name=submit value=Submit></br></form>Your session I
D is 113988957<br/></body></html>
LWP::Protocol::http::request: HTTP/1.1 200 OK
LWP::Protocol::collect: read 383 bytes
LWP::UserAgent::request: Simple response: OK
HTTP::Cookies::extract_cookies: Set cookie ASPSESSIONIDQQGQQMCC => EFF
FLMGAADIKNCGPKJDNHMCC
HTTP::Cookies::add_cookie_header: Checking localhost.local for cookies
HTTP::Cookies::add_cookie_header: - checking cookie path=/
HTTP::Cookies::add_cookie_header: - checking cookie ASPSESSIONIDQQGQQ
MCC=EFFFLMGAADIKNCGPKJDNHMCC
HTTP::Cookies::add_cookie_header: it's a match
HTTP::Cookies::add_cookie_header: Checking .local for cookies
LWP::UserAgent::request: ()
LWP::UserAgent::simple_request: GET http://localhost/reg_form.asp?firs
t_name=Herong&submit=Submit
LWP::UserAgent::_need_proxy: Not proxied
LWP::Protocol::http::request: ()
LWP::Protocol::http::request: GET /reg_form.asp?first_name=Herong&
submit=Submit HTTP/1.0
Host: localhost
User-Agent: libwww-perl/5.51
Cookie: ASPSESSIONIDQQGQQMCC=EFFFLMGAADIKNCGPKJDNHMCC
Cookie2: $Version=1
LWP::Protocol::http::request: reading response
LWP::Protocol::http::request: HTTP/1.1 302 Object moved
Server: Microsoft-IIS/5.0
Date: Sat, 28 Dec 2002 22:06:20 GMT
Location: reg_done.asp?last_name=
Connection: Keep-Alive
Content-Length: 144
Content-Type: text/html
Cache-control: private
<head><title>Object moved</title></head>
<body><h1>Object Moved</h1>This object may be found <a HREF="reg_done.
asp?last_name=">here</a>.</body>
LWP::Protocol::http::request: HTTP/1.1 302 Object moved
LWP::Protocol::collect: read 144 bytes
LWP::UserAgent::request: Simple response: Found
LWP::UserAgent::request: ()
LWP::UserAgent::simple_request: GET http://localhost/reg_done.asp?
last_name=
LWP::UserAgent::_need_proxy: Not proxied
LWP::Protocol::http::request: ()
LWP::Protocol::http::request: GET /reg_done.asp?last_name= HTTP/1.0
Host: localhost
User-Agent: libwww-perl/5.51
Cookie: ASPSESSIONIDQQGQQMCC=EFFFLMGAADIKNCGPKJDNHMCC
Cookie2: $Version=1
LWP::Protocol::http::request: reading response
LWP::Protocol::http::request: HTTP/1.1 200 OK
Server: Microsoft-IIS/5.0
Date: Sat, 28 Dec 2002 22:06:20 GMT
Connection: Keep-Alive
Content-Length: 166
Content-Type: text/html
Cache-control: private
<html><body><b>Thank you registrating with us</b>:<br/>First Name:Heron
g<br/>Last Name:<br/>
Email:<br/>
URL:<br/>
Your session ID is 113988957<br/></body></html>
LWP::Protocol::http::request: HTTP/1.1 200 OK
LWP::Protocol::collect: read 166 bytes
LWP::UserAgent::request: Simple response: OK
We have a lot of information here. Let's analyze it quickly.
My first request was sent as "GET /reg_form.asp HTTP/1.0".
The first response came back with a cookie as: "ASPSESSIONIDQQGQQMCC=EFFFLMGAADIKNCGPKJDNHMCC".
Apparently, this is the session ID, but encrypted. In the response content, session ID
is reported as: 113988957.
My second request was sent as "GET /reg_form.asp?first_name=Herong&submit=Submit HTTP/1.0",
with two cookies. The first cookie was the ASP server session ID. The second cookie
came from nowhere.
The second response was interesting. It had code of "302 Object moved", and a
"Location" header line indicating the new URL. Obviously, this response was generated by the
"redirect" command in my ASP page, reg_form.asp.
The LWP::UserAgent object is smart. It recognized the "Object moved" code, and
automatically send another request with new URL location.
With no surprises, the second response came correctly. The ASP did recognize my session
ID in my second and third request, because the session ID reported in the third
response is the same: 113988957.
It is interesting to see that there was no cookie in the second response and
third response. My guess is that ASP server saw the session ID in the second request
and third request, so there was no need to put the session ID as cookie in the responses.
