Return-Path: 
 <commons-httpclient-dev-return-5994-apmail-jakarta-commons-httpclient-dev-archive=jakarta.apache.org@jakarta.apache.org>
Delivered-To: apmail-jakarta-commons-httpclient-dev-archive@www.apache.org
Received: (qmail 74996 invoked from network); 30 Oct 2003 08:32:45 -0000
Received: from daedalus.apache.org (HELO mail.apache.org) (208.185.179.12)
  by minotaur-2.apache.org with SMTP; 30 Oct 2003 08:32:45 -0000
Received: (qmail 81487 invoked by uid 500); 30 Oct 2003 08:32:20 -0000
Delivered-To: apmail-jakarta-commons-httpclient-dev-archive@jakarta.apache.org
Received: (qmail 81461 invoked by uid 500); 30 Oct 2003 08:32:20 -0000
Mailing-List: contact commons-httpclient-dev-help@jakarta.apache.org;
 run by ezmlm
Precedence: bulk
List-Unsubscribe: 
 <mailto:commons-httpclient-dev-unsubscribe@jakarta.apache.org>
List-Subscribe: <mailto:commons-httpclient-dev-subscribe@jakarta.apache.org>
List-Help: <mailto:commons-httpclient-dev-help@jakarta.apache.org>
List-Post: <mailto:commons-httpclient-dev@jakarta.apache.org>
List-Id: "Commons HttpClient Project"
 <commons-httpclient-dev.jakarta.apache.org>
Reply-To: "Commons HttpClient Project"
 <commons-httpclient-dev@jakarta.apache.org>
Delivered-To: mailing list commons-httpclient-dev@jakarta.apache.org
Received: (qmail 81446 invoked from network); 30 Oct 2003 08:32:20 -0000
Received: from unknown (HELO exchange.sun.com) (192.18.33.10)
  by daedalus.apache.org with SMTP; 30 Oct 2003 08:32:20 -0000
Received: (qmail 24764 invoked by uid 50); 30 Oct 2003 08:35:43 -0000
Date: 30 Oct 2003 08:35:43 -0000
Message-ID: <20031030083543.24763.qmail@nagoya.betaversion.org>
From: bugzilla@apache.org
To: commons-httpclient-dev@jakarta.apache.org
Cc: 
Subject: DO NOT REPLY [Bug 24081]  -
    Manually set 'Cookie' & 'Authorization' headers get discarded
X-Spam-Rating: daedalus.apache.org 1.6.2 0/1000/N
X-Spam-Rating: minotaur-2.apache.org 1.6.2 0/1000/N

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://nagoya.apache.org/bugzilla/show_bug.cgi?id=24081>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=24081

Manually set 'Cookie' & 'Authorization' headers get discarded





------- Additional Comments From rolweber@de.ibm.com  2003-10-30 08:35 -------
Hello Oleg,

I have just taken a look at it. In combination with pluggable cookie policies,
this patch provides everything I would need. Cookies can be set manually, with
or without being extended by the cookies from the HttpState. Resolving clashes
between manually set cookies and those in the state is the responsibility of
whom who sets cookies manually. And someone who wants his cookie header to be
removed automatically shouldn't set it in the first place :-)

No, wait, there is one thing:  RFC 2965 in section 3.3.4 (last paragraph before
the note) specifies that cookies shall be sent in a defined order, those with
more specific paths preceeding those with less specific paths.
Considering the fuss of parsing manually set cookie headers, I wouldn't want
this to be implemented by the HTTP Client. But that should at least be pointed
out somewhere in the JavaDocs. In HttpMethod.{set|add}RequestHeader?

cheers,
  Roland

---------------------------------------------------------------------
To unsubscribe, e-mail: commons-httpclient-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: commons-httpclient-dev-help@jakarta.apache.org