hc-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Oleg Kalnichevski (JIRA)" <j...@apache.org>
Subject [jira] Commented: (HTTPCLIENT-1043) BasicPathHandler match bug
Date Fri, 14 Jan 2011 15:17:47 GMT

    [ https://issues.apache.org/jira/browse/HTTPCLIENT-1043?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12981784#action_12981784
] 

Oleg Kalnichevski commented on HTTPCLIENT-1043:
-----------------------------------------------

The HTTP specification clearly states that the path attribute must be a prefix of the request-URI.
See the extracts above. Therefore a cookie with the path "/d1/d2" can be sent to "/d1/d2/d3"
but cannot be sent to "/d1".

If your application needs to be compatible with broken web sites that violate the HTTP specification,
you can implement a custom cookie spec or override the path matching logic of the default
implementation. 

Oleg 

> BasicPathHandler match bug
> --------------------------
>
>                 Key: HTTPCLIENT-1043
>                 URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1043
>             Project: HttpComponents HttpClient
>          Issue Type: Bug
>          Components: HttpCookie
>    Affects Versions: 4.0.1, 4.0.2, 4.0.3, 4.1 Alpha1, 4.1 Alpha2, 4.1 Beta1
>            Reporter: Dmitry Grytsovets
>            Priority: Minor
>
> in BasicPathHandler
>    boolean match = targetpath.startsWith (topmostPath);
>         // if there is a match and these values are not exactly the same we have
>         // to make sure we're not matcing "/foobar" and "/foo"
>         if (match && targetpath.length() != topmostPath.length()) {
>             if (!topmostPath.endsWith("/")) {
>                 match = (targetpath.charAt(topmostPath.length()) == '/');
>             }
>         }
> must be changed to
>    boolean match = topmostPath.startsWith (targetpath);
>         // if there is a match and these values are not exactly the same we have
>         // to make sure we're not matcing "/foobar" and "/foo"
>         if (match && targetpath.length() != topmostPath.length()) {
>             if (!targetPath.endsWith("/")) {
>                 match = (topmostPath.charAt(targetpath.length()-1) == '/');
>             }
>         }
> example 
> targetpath = "/stat/" // where are you
> topmostPath  = "/stat/domain.tld/" // cookie for path

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org


Mime
View raw message