hc-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Oleg Kalnichevski (JIRA)" <j...@apache.org>
Subject [jira] [Resolved] (HTTPCLIENT-1212) SET-COOKIE header with RFC1036 Date cannot be parsed / is dropped
Date Wed, 04 Jul 2012 09:14:34 GMT

     [ https://issues.apache.org/jira/browse/HTTPCLIENT-1212?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Oleg Kalnichevski resolved HTTPCLIENT-1212.
-------------------------------------------

    Resolution: Invalid

'Set-Cookie: testcookie=test; Expires=Wed, 03-Jul-2013 13:39:50 GMT; Path=/' cookie is not
a valid RFC 2109 cookie. The RFC 2109 is not supposed to handle old Netscape style cookies.
Use Best Match or Browser compatibility policy instead.

Oleg
                
> SET-COOKIE header with RFC1036 Date cannot be parsed / is dropped
> -----------------------------------------------------------------
>
>                 Key: HTTPCLIENT-1212
>                 URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1212
>             Project: HttpComponents HttpClient
>          Issue Type: Bug
>          Components: HttpClient
>    Affects Versions: 4.2 Final
>         Environment: Linux version 3.2.0-3-amd64 (Debian 3.2.21-3) (debian-kernel@lists.debian.org)
(gcc version 4.6.3 (Debian 4.6.3-8) )
>            Reporter: Achim Westermann
>
> Problem: Server sends a cookie in RF-1036 date: 
> DEBUG [org.apache.http.wire] << "HTTP/1.0 301 Moved Permanently[\r][\n]"
> DEBUG [org.apache.http.wire] << "Server: Apache-Coyote/1.1[\r][\n]"
> DEBUG [org.apache.http.wire] << "X-Powered-By: Servlet 2.5; JBoss-5.0/JBossWeb-2.1[\r][\n]"
> DEBUG [org.apache.http.wire] << "Set-Cookie: testcookie=test; Expires=Wed, 03-Jul-2013
13:39:50 GMT; Path=/[\r][\n]"
> DEBUG [org.apache.http.wire] << "P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi
IVDi CONi HIS OUR IND CNT'[\r][\n]"
> DEBUG [org.apache.http.wire] << "Location: http://de.eso.tv/wahrsager-hellseher[\r][\n]"
> DEBUG [org.apache.http.wire] << "Content-Length: 0[\r][\n]"
> DEBUG [org.apache.http.wire] << "Date: Tue, 03 Jul 2012 13:39:50 GMT[\r][\n]"
> DEBUG [org.apache.http.wire] << "X-Varnish: 1697680967[\r][\n]"
> DEBUG [org.apache.http.wire] << "Age: 0[\r][\n]"
> DEBUG [org.apache.http.wire] << "Via: 1.1 varnish[\r][\n]"
> DEBUG [org.apache.http.wire] << "X-Cache: MISS from dslrouter02.qintern.de[\r][\n]"
> DEBUG [org.apache.http.wire] << "X-Cache-Lookup: MISS from dslrouter02.qintern.de:3128[\r][\n]"
> DEBUG [org.apache.http.wire] << "Proxy-Connection: keep-alive[\r][\n]"
> DEBUG [org.apache.http.wire] << "[\r][\n]"
> The RFC2109Spec.java uses the DateUtils.PATTERN_RFC1036 in the default set for cookie
dates. 
> Method RFC2109Spec.parse(Header, CookieOrigin), line 108 uses: header.getElements();
> This method sees the ',' as the delimiter between two header elements (BasicHeaderValueParser.,
line 162 (ELEM_DELIMITER). 
> Given the header: "Set-Cookie: testcookie=test; Expires=Wed, 03-Jul-2013 14:22:28 GMT;
Path=/" 
> we end up with two HeaderElement instances: 
> 1. testcookie=test; Expires=Wed
> 2. 03-Jul-2013 14:22:28 GMT; Path=/ 
> Now back from httpcore to httpclient:CookieSpecBase.parse(HeaderElement[], CookieOrigin),
line 93: 
> This leads to BasicExpiresHandler.parse(SetCookie, String) being called with a value
"Wed" and to a MalformedCookieException. 
> For the big picture: httpclient sessions that have to send cookies (e.g. for preventing
redirect-loops) will not work with servers sending this date format. 

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org


Mime
View raw message