A perpetual problem with cookies is that web site designers do not seem to realize that cookies need to be protected as zealously as your username and password. While it is true that well-designed cookies expire and will no longer be accepted as valid by the server, cookies—while they last—give exactly as much access to a web site as a username and password.
Should you happen to observe or capture a Cookie: header from an HTTP request that you observe,
remember that there is no need to store it in a CookieJar or represent it as a cookielib object at all.
Indeed, you could not do that anyway because the outgoing Cookie: header does not reveal the domain
and path rules that the cookie was stored with. Instead, just inject the Cookie: header raw into the
requests you make to the web site:
request = urllib2.Request(url)
info = urllib2.urlopen(request)