Index: nselib/httpspider.lua
===================================================================
--- nselib/httpspider.lua	(revision 36817)
+++ nselib/httpspider.lua	(working copy)
@@ -125,6 +125,7 @@
     o.timeout  = options.timeout or 10000
     o.whitelist = o.whitelist or {}
     o.blacklist = o.blacklist or {}
+    o.cookies = o.cookies or {}
     local removewww = function(url) return string.gsub(url, "^www%.", "") end
 
     -- set up the appropriate matching functions
@@ -633,7 +634,7 @@
     o:loadLibraryArguments()
     o:loadDefaultArguments()
 
-    local response = http.get(o.host, o.port, '/', { timeout = o.options.timeout, redirect_ok = o.options.redirect_ok, no_cache = o.options.no_cache } )
+    local response = http.get(o.host, o.port, '/', { timeout = o.options.timeout, redirect_ok = o.options.redirect_ok, no_cache = o.options.no_cache, cookies=o.options.cookies } )
 
     if ( not(response) or 'table' ~= type(response) ) then
       return
@@ -832,7 +833,7 @@
         end
         if is_web_file then
           stdnse.debug2("%s: Using GET: %s", LIBRARY_NAME, file)
-          response = http.get(url:getHost(), url:getPort(), url:getFile(), { timeout = self.options.timeout, redirect_ok = self.options.redirect_ok, no_cache = self.options.no_cache } )
+          response = http.get(url:getHost(), url:getPort(), url:getFile(), { timeout = self.options.timeout, redirect_ok = self.options.redirect_ok, no_cache = self.options.no_cache, cookies = self.options.cookies } )
         else
           stdnse.debug2("%s: Using HEAD: %s", LIBRARY_NAME, file)
           response = http.head(url:getHost(), url:getPort(), url:getFile())
@@ -839,7 +840,29 @@
         end
       else
         -- fetch the url, and then push it to the processed table
-        response = http.get(url:getHost(), url:getPort(), url:getFile(), { timeout = self.options.timeout, redirect_ok = self.options.redirect_ok, no_cache = self.options.no_cache } )
+        response = http.get(url:getHost(), url:getPort(), url:getFile(), { timeout = self.options.timeout, redirect_ok = self.options.redirect_ok, no_cache = self.options.no_cache, cookies = self.options.cookies } )
+        if (self.options and self.options.cookies and #self.options.cookies>0) then
+          --We replace the value of the cookie if same name cookie exists
+          --Else, we append it in the end.
+          local flag = 0
+          for k,v in pairs(response.cookies) do
+            for k1,v1 in pairs(self.options.cookies) do
+              flag = 0   
+              if(v.name == v1.name) then
+                self.options.cookies[k1].value = response.cookies[k].value
+                flag = 1
+                break
+              end 
+            end
+            if (flag == 0) then
+              self.options.cookies[#options.cookies+1] = response.cookies[k]
+            end
+          end
+        else
+          if self.options and self.options.cookies then
+            self.options.cookies = response.cookies
+          end
+        end         
       end
 
       self.processed[tostring(url)] = true
@@ -906,7 +929,9 @@
     if ( nil == self.options.doscraping ) then
       self.options.doscraping = stdnse.get_script_args(sn .. ".doscraping")
     end
-
+    if ( nil == self.options.cookies ) then
+      self.options.cookies = stdnse.get_script_args(sn .. ".cookies")
+    end    
   end,
 
   -- Loads the argument on a library level
@@ -937,6 +962,9 @@
     if ( nil == self.options.doscraping ) then
       self.options.doscraping = stdnse.get_script_args(ln .. ".doscraping")
     end
+    if ( nil == self.options.cookies ) then
+      self.options.cookies = stdnse.get_script_args(ln .. ".cookies")
+    end
   end,
 
   -- Loads any defaults for arguments that were not set