hc-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Alexander Bernstein (JIRA)" <j...@apache.org>
Subject [jira] [Created] (HTTPCLIENT-1685) PublicSuffixDomainFilter.match() returns true for any simple host name.
Date Wed, 23 Sep 2015 15:00:05 GMT
Alexander Bernstein created HTTPCLIENT-1685:

             Summary: PublicSuffixDomainFilter.match() returns true for any simple host name.
                 Key: HTTPCLIENT-1685
                 URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1685
             Project: HttpComponents HttpClient
          Issue Type: Bug
          Components: HttpClient
    Affects Versions: 4.5
            Reporter: Alexander Bernstein

HttpClient built by HttpClientBuilder ends up with publicSuffixMatcher created by PublicSuffixMatcherLoader.getDefault().
Later on, this object gets passed to CookieSpecRegistries.createDefault(publicSuffixMatcherCopy),
if the cookieSpecRegistry is not set explicitly.

With this scenario, using simple host names (i.e. a name without a dot character, such as
"server1" ) fails. 

The reason seems to be the org.apache.http.impl.cookie.PublicSuffixDomainFilter.match(Cookie,
CookieOrigin). This method returns a boolean indicating whether the domain is in the blacklist.

For any host name that is not a "localhost", the PublicSuffixMatcher.matches() is called,
on line 76. This method returns true for any hostname that does not contain a dot charcter.
Which causes the return false, on line 77. 

Is this a correct behavior? If my server is called "server1", why should its name "match"
a public suffix? And how do I make this code to recognize simple host names like this? If
this is an expected behavior, is there a documented way to prevent it?

This message was sent by Atlassian JIRA

To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org

View raw message