Return-Path: X-Original-To: apmail-hc-dev-archive@www.apache.org Delivered-To: apmail-hc-dev-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 3EFE7EAA6 for ; Wed, 21 Nov 2012 16:50:01 +0000 (UTC) Received: (qmail 34417 invoked by uid 500); 21 Nov 2012 16:50:01 -0000 Delivered-To: apmail-hc-dev-archive@hc.apache.org Received: (qmail 33652 invoked by uid 500); 21 Nov 2012 16:50:00 -0000 Mailing-List: contact dev-help@hc.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "HttpComponents Project" Delivered-To: mailing list dev@hc.apache.org Received: (qmail 33040 invoked by uid 99); 21 Nov 2012 16:49:58 -0000 Received: from arcas.apache.org (HELO arcas.apache.org) (140.211.11.28) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 21 Nov 2012 16:49:58 +0000 Date: Wed, 21 Nov 2012 16:49:58 +0000 (UTC) From: "Karl Wright (JIRA)" To: dev@hc.apache.org Message-ID: <875063350.12959.1353516598657.JavaMail.jiratomcat@arcas> In-Reply-To: <615933728.12273.1353505558205.JavaMail.jiratomcat@arcas> Subject: [jira] [Commented] (HTTPCLIENT-1264) Need CookiePolicy.BROWSER_COMPATIBILITY_MEDIUM_SECURITY policy MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 [ https://issues.apache.org/jira/browse/HTTPCLIENT-1264?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13502115#comment-13502115 ] Karl Wright commented on HTTPCLIENT-1264: ----------------------------------------- Hi Oleg, As you are no doubt aware, browsers have a number of security settings. The site where we encountered this construct had seemingly been set up to require IE to be set to "medium" security. I verified that both IE and Firefox were able to log into this particular site, with the medium security setting, so browsers clearly ignore this particular check under those conditions. The ticket CONNECTORS-97 has full details as to the site and what my analysis discovered. > Need CookiePolicy.BROWSER_COMPATIBILITY_MEDIUM_SECURITY policy > -------------------------------------------------------------- > > Key: HTTPCLIENT-1264 > URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1264 > Project: HttpComponents HttpClient > Issue Type: Improvement > Components: HttpClient > Affects Versions: 4.2.2 > Reporter: Karl Wright > > The ManifoldCF project is currently moving to HttpComponents 4.2.2 from a heavily patched commons-httpclient 3.1 version. One of the patches seems to have no particular equivalent yet in HttpComponents. Please see CONNECTORS-119 for details about what the patch did, and research into the current HttpComponents code base. > I am happy to create a specific patch if that is desired; please let me know. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org For additional commands, e-mail: dev-help@hc.apache.org