commons-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Michael Becke <>
Subject Re: [HTTPClient 3.0 alpha] Cookie handling-- with secure attrubute
Date Tue, 08 Jun 2004 03:10:28 GMT
On Jun 7, 2004, at 7:54 PM, Kedar Panse wrote:
> I am sorry tobe bothering like this.   While investingating more I 
> found out its not sending cookies marked secure (I guess this means 
> send only if its shttp/ssl).  How do I overcome this?

Yes, this could definitely be the source of the problem.  HttpClient 
will only send secure cookies over secure (https) connections.

The only way to override this behavior would be to manually edit the 
secure cookies to remove the secure setting, or to implement a custom 
version of CookieSpec with a lax version of match().  Doing this would 
not be recommended as it would defeat the whole purpose of having 
secure cookies.


To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message