HomeScreen is one of the Australian NetFlix clones, and the one to which I used to subscribe (See my review). Anyway, HomeScreen had a nice enough web interface, but annoyingly the login cookie exipres one day after it’s set, which for me meant logging again every-time I visited the site.

I wrote all this up a while back when I was still a HomeScreen subscriber but never got around to doing anything with it. Hopefully I can be excused just this once from going through and changing the tense the whole way through.

I’m sure most of this info is well known by those who would care to know it, but I figured have a go at improving the situation. After a bit of a search, I found Safari’s cookies at Library/Cookies/Cookies.plist under my home directory. Opening the plist gets us to Apple’s Property List Editor tool, which is a really simple XML editor, but from my quite poke around, doesn’t let me search through the file (leaving me looking at about 1500 unnamed entries. Opening the file in TextWrangler gave me the flat XML, and a quick search for the cookie name HS_ID got me to the right place.

<dict>
<key>Domain</key>
<string>.homescreen.com.au</string>
<key>Expires</key>
<date>2005-01-30T00:15:07Z</date>
<key>Name</key>
<string>HS_ID</string>
<key>Path</key>
<string>/</string>
<key>Value</key>
<string>The token I’m not publishing here</string>
</dict>

It’s an odd XML format from my point of view. Why didn’t they use something like the following?

<dict>
<Domain type=”string”>.homescreen.com.au</Domain>
<Expires type=”date”>2005-01-30T00:15:07Z</Expires>
<Name type=”string”>HS_ID</Name>
<Path type=”string”>/</Path>
<Value type=”string”>The token I’m not publishing here</Value>
</dict>

I know I’d find it much easier to work with if only because simple xpaths will let me get straight to the right element. But then, compared with WinIE’s cookie storage format, I guess I should just count myself lucky to have something with a sane date format.

Anyway, back on topic, it seems fairly obvious that I can just edit the expiry date and save the file back. So that’s exactly what I did.

Safari didn’t crash, and the cookie viewer in Safari’s prefs showed my new date (I just wound it forward a year), so everything looked pretty good. Checking the HomeScreen site, I was still logged in, which was also good, but after browsing around for a while, suddenly the expiry date had been reset. I’m assuming what happened is that HomeScreen sent a new HD_ID cookie to (from it’s point of view) extend the expiry date which overwrote the old one (I’d been hoping that it only set them on login, but that’s probably a bit naive).

Anyway this is probably where my interest in solving the problem starts to wane. The following ideas might work, but are probably more effort than the problem is worth to me.

  • I could write some sort of script to push the expiry date forward overnight every night to keep it just ahead of real time. That could mean either loading the page in Safari, or hacking the XML as described above (There’s even a perl module for working with Safari’s cookie storage).
  • I could get something like a proxy server sitting in the middle which could just pass though everything, but wind the HomeScreen cookie expiry date forward on the way through. I know there was a proxy system I played with which could have done this, but the name escapes me now.
  • I could start using a browser (FireFox) which would let me get at the code and hack the source to ignore the cookie expiry for the HomeScreen cookie.
  • Ask HomeScreen to change it. Actually, this should probably have been step 1.

All of this (other than asking HomeScreen) might be moot though. A content management system I’m involved with the development of expires the token which is stored in the cookie after a couple of weeks. This means there’s plenty of time to issue a new one before they’re logged out, but the token can’t be stolen and used forever. At that point, we’d have to start looking at scripting a login to the site, then grabbing and storing the new cookie into safari’s plist file. Not impossible, but unlikely to be worth the effort just for my use.