hc-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Nicolas Richeton (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (HTTPCLIENT-1284) Cookie matching issue with virtual hosts
Date Wed, 19 Dec 2012 19:33:13 GMT

     [ https://issues.apache.org/jira/browse/HTTPCLIENT-1284?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Nicolas Richeton updated HTTPCLIENT-1284:
-----------------------------------------

    Attachment: TestCookieVirtualHost.java

Attached unit test with Cookie, Set-Cookie and Host headers assertions. 
                
> Cookie matching issue with virtual hosts
> ----------------------------------------
>
>                 Key: HTTPCLIENT-1284
>                 URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1284
>             Project: HttpComponents HttpClient
>          Issue Type: Bug
>          Components: HttpClient
>    Affects Versions: 4.2.2, 4.2.3
>            Reporter: Nicolas Richeton
>         Attachments: TestCookieVirtualHost.java
>
>
> Following HTTPCLIENT-1282, there is an issue with cookie matching : only target host
is used for cookie origin, but with virtual host, this value is not the real host from the
client point of view.
> As a result, cookies get discarded by httpclient even if they match the virtual host
and would have been accepted by a browser.
> See the code of the following methods :
> RequestAddCookies#process()
> HttpHost targetHost = (HttpHost) context.getAttribute( ExecutionContext.HTTP_TARGET_HOST);
> ...
> String hostName = targetHost.getHostName();
> ...
> CookieOrigin cookieOrigin = new CookieOrigin( hostName, port, requestURI.getPath(), conn.isSecure());
> And
> ResponseProcessCookies#process()
> CookieOrigin cookieOrigin = (CookieOrigin) context.getAttribute(ClientContext.COOKIE_ORIGIN);
> ...
> processCookies(it, cookieSpec, cookieOrigin, cookieStore);

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org


Mime
View raw message