How to disable cookie handling with the Python requests library?

When I use requests to access an URL cookies are automatically sent back to the server (in the following example the requested URL set some cookie values and then redirect to another URL that display the stored cookie)

>>> import requests
>>> response = requests.get("http://httpbin.org/cookies/set?k1=v1&k2=v2")
>>> response.content
'{\n  "cookies": {\n    "k2": "v2",\n    "k1": "v1"\n  }\n}'

Is it possible to temporary disable cookie handling in the same way you set Chrome or Firefox to not accept cookies?

For example if I access the aforementioned URL with Chrome with cookie handling disabled I get what I expected:

{
  "cookies": {}
}

Solution 1:

You can do this by defining a cookie policy to reject all cookies:

from http import cookiejar  # Python 2: import cookielib as cookiejar
class BlockAll(cookiejar.CookiePolicy):
    return_ok = set_ok = domain_return_ok = path_return_ok = lambda self, *args, **kwargs: False
    netscape = True
    rfc2965 = hide_cookie2 = False

(Note that http.cookiejar's API requires you to define a bunch of attributes and methods, as shown.)

Then, set the cookie policy on your Requests session:

import requests
s = requests.Session()
s.cookies.set_policy(BlockAll())

It will now not store or send cookies:

s.get("https://httpbin.org/cookies/set?foo=bar")
assert not s.cookies

As an aside, if you look at the code, the convenience methods in the requests package (as opposed to those on a requests.Session object) construct a new Session each time. Therefore, cookies aren't persisted between separate calls to requests.get. However, if the first page sets cookies and then issues an HTTP redirect, the target page will see the cookies. (This is what happens with the HTTPBin /cookies/set call, which redirects to /cookies.)

So depending on what behavior you want for redirects, you might not need to do anything special. Compare:

>>> print(requests.get("https://httpbin.org/cookies/set?foo=bar").json())
{'cookies': {'foo': 'bar'}}
>>> print(requests.get("https://httpbin.org/cookies").json())
{'cookies': {}}

>>> s = requests.Session()
>>> print(s.get("https://httpbin.org/cookies/set?foo=bar").json())
{'cookies': {'foo': 'bar'}}
>>> print(s.get("https://httpbin.org/cookies").json())
{'cookies': {'foo': 'bar'}}

>>> s = requests.Session()
>>> s.cookies.set_policy(BlockAll())
>>> print(s.get("https://httpbin.org/cookies/set?foo=bar").json())
{'cookies': {}}
>>> print(requests.get("https://httpbin.org/cookies").json())
{'cookies': {}}

Solution 2:

>>> import mock
>>> import requests
>>> with mock.patch.object(requests.cookies.RequestsCookieJar, 'update', lambda *args, **kwargs: 0):
...     r = requests.get("http://httpbin.org/cookies/set?k1=v1&k2=v2")#, cookies=cj)
...     r.content
... 
'{\n  "cookies": {}\n}'
>>> r = requests.get("http://httpbin.org/cookies/set?k1=v1&k2=v2")
>>> r.content
'{\n  "cookies": {\n    "k2": "v2",\n    "k1": "v1"\n  }\n}'