hc-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Oleg Kalnichevski (Resolved) (JIRA)" <j...@apache.org>
Subject [jira] [Resolved] (HTTPCLIENT-1141) Cookie path is incorectly parsed
Date Wed, 02 Nov 2011 16:21:32 GMT

     [ https://issues.apache.org/jira/browse/HTTPCLIENT-1141?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel

Oleg Kalnichevski resolved HTTPCLIENT-1141.

    Resolution: Invalid


HttpClient 4.1.x and newer correctly identifies the cookie in question (Set-Cookie: debug_session=3bf3dc0a-9207-484c-bf22-a4e4c882f205;
Path="" ) as a non-standard cookie and correctly applies Netscape Draft cookie policy to it.
Netscape Draft does not specify any particular format for cookie attributes and therefore
quote marks are considered to be a part of attribute value. The "" path obviously does not
match the origin and the cookie gets rejected.

You can override this behavior by forcing HttpClient to use the Browser Compatibility cookie
policy instead of the Best Match one.

> Cookie path is incorectly parsed
> --------------------------------
>                 Key: HTTPCLIENT-1141
>                 URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1141
>             Project: HttpComponents HttpClient
>          Issue Type: Bug
>          Components: HttpClient
>    Affects Versions: 4.1.2
>         Environment: httpclient-4.1.2, httpcore-4.2-alpha2
>            Reporter: Rosen Anastasov
> A cookie (in my case the session cookie) is rejected because of incorrectly parsed cookie
path value.
> The response header is Set-Cookie: debug_session=3bf3dc0a-9207-484c-bf22-a4e4c882f205;
> And the reported failure is:
> ResponseProcessCookies - Cookie rejected: "[version: 0][name: debug_session][value: 3bf3dc0a-9207-484c-bf22-a4e4c882f205][domain:
localhost][path: ""][expiry: null]". Illegal path attribute """". Path of origin: "/abc"
> In older version of the client (4.0.1) the log looks like:
> ResponseProcessCookies - Cookie accepted: "[version: 0][name: debug_session][value: d8d0899b-e388-4f53-84b1-a6af36528340][domain:
localhost][path: /][expiry: null]".
> So I suppose that the issue is related with the cookie path parsing.

This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira


To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org

View raw message