hc-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Francois-Xavier Bonnet (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HTTPCLIENT-1327) BrowserCompatSpec double quotes cookie value when cookie has "expires" attribute
Date Fri, 22 Feb 2013 11:26:12 GMT

    [ https://issues.apache.org/jira/browse/HTTPCLIENT-1327?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13584205#comment-13584205

Francois-Xavier Bonnet commented on HTTPCLIENT-1327:

Yes, strict policies have to be 100% compatible with the specifications.
For BrowserCompatSpec, I wonder if we should not just take the cookie value as it is (with
or without quotes) whatever the version attribute value.
By the way what is the use for this test if (netscape || !versioned) ? I did not see much
comments in the code and no unit tests. Do browsers really do that ?
> BrowserCompatSpec double quotes cookie value when cookie has "expires" attribute
> --------------------------------------------------------------------------------
>                 Key: HTTPCLIENT-1327
>                 URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1327
>             Project: HttpComponents HttpClient
>          Issue Type: Bug
>          Components: HttpClient
>    Affects Versions: 4.3 Alpha1
>            Reporter: Francois-Xavier Bonnet
>            Priority: Minor
> When receiving this header:
> Set-Cookie: test="test"; Version=1; Max-Age=1000; Expires=Mon, 11-Feb-2013 10:39:19 GMT;
> If you parse and format again the cookie you get:
> Cookie: test="\"test\""
> I tested with the last versions of Firefox, Chrome and Internet Explorer and you always
> Cookie: test="test"
> You can easily get such a cookie with Tomcat:
>         Cookie tomcatCookie = new Cookie("test", "test");
>         tomcatCookie.setPath("/");
>         tomcatCookie.setMaxAge(1000);
>         response.addCookie(tomcatCookie);
> The problem is that BrowserCompatSpec considers it as a Netscape style cookie because
of expires attribute so the quotes are considered as being part of the value.

This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org

View raw message