hc-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Oleg Kalnichevski (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HTTPCLIENT-1284) Cookie matching issue with virtual hosts
Date Thu, 20 Dec 2012 10:43:13 GMT

    [ https://issues.apache.org/jira/browse/HTTPCLIENT-1284?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13536931#comment-13536931

Oleg Kalnichevski commented on HTTPCLIENT-1284:

The present HttpClient's behavior is wrong. It incorrectly assumes the logical host name specified
in the request URI and the physical target host in the connection route to be the same. 

I am working on a fix. Bear with me for a little while.

> Cookie matching issue with virtual hosts
> ----------------------------------------
>                 Key: HTTPCLIENT-1284
>                 URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1284
>             Project: HttpComponents HttpClient
>          Issue Type: Bug
>          Components: HttpClient
>    Affects Versions: 4.2.2, 4.2.3
>            Reporter: Nicolas Richeton
>         Attachments: TestCookieVirtualHost.java
> Following HTTPCLIENT-1282, there is an issue with cookie matching : only target host
is used for cookie origin, but with virtual host, this value is not the real host from the
client point of view.
> As a result, cookies get discarded by httpclient even if they match the virtual host
and would have been accepted by a browser.
> See the code of the following methods :
> RequestAddCookies#process()
> HttpHost targetHost = (HttpHost) context.getAttribute( ExecutionContext.HTTP_TARGET_HOST);
> ...
> String hostName = targetHost.getHostName();
> ...
> CookieOrigin cookieOrigin = new CookieOrigin( hostName, port, requestURI.getPath(), conn.isSecure());
> And
> ResponseProcessCookies#process()
> CookieOrigin cookieOrigin = (CookieOrigin) context.getAttribute(ClientContext.COOKIE_ORIGIN);
> ...
> processCookies(it, cookieSpec, cookieOrigin, cookieStore);

This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org

View raw message