hc-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Gregory Chanan (JIRA)" <j...@apache.org>
Subject [jira] [Created] (HTTPCLIENT-1546) Cookie values can end up being double quoted
Date Tue, 19 Aug 2014 00:09:18 GMT
Gregory Chanan created HTTPCLIENT-1546:
------------------------------------------

             Summary: Cookie values can end up being double quoted
                 Key: HTTPCLIENT-1546
                 URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1546
             Project: HttpComponents HttpClient
          Issue Type: Bug
          Components: HttpCookie
            Reporter: Gregory Chanan


I mentioned this issue on the mailing list and Oleg asked me to file a JIRA.

I have a cookie like this:
hadoop.auth="someValue"; Version=1; Expires=Fri, 01 Aug 2014 09:03:40 GMT; HttpOnly

Because it has an "Expires" attribute, httpclient treats it as a netscape cookie.  But, when
it is sent back to the server, it's sent double-quoted:
hadoop.auth=""someValue""; Version=1; Expires=Fri, 01 Aug 2014 09:03:40 GMT; HttpOnly
which causes the server to see the hadoop.auth value as "".

So, it seems like httpclient is being inconsistent in how it treats the version; it first
assumes version 0, but then treats it as version 1 and assumes it can add quotes.  Even though
the cookie is not a valid Version=1 Cookie, ideally httpclient would not double quote the
response.

NOTE: I tested this on httpclient 4.2.5, but that's not a choice for "Affects Version"



--
This message was sent by Atlassian JIRA
(v6.2#6252)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org


Mime
View raw message