hc-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Oleg Kalnichevski (JIRA)" <j...@apache.org>
Subject [jira] [Resolved] (HTTPCLIENT-1720) secure cookies are not being sent to host:443 requests!
Date Tue, 16 Feb 2016 09:00:26 GMT

     [ https://issues.apache.org/jira/browse/HTTPCLIENT-1720?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Oleg Kalnichevski resolved HTTPCLIENT-1720.
-------------------------------------------
    Resolution: Cannot Reproduce

> secure cookies are not being sent to host:443 requests!
> -------------------------------------------------------
>
>                 Key: HTTPCLIENT-1720
>                 URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1720
>             Project: HttpComponents HttpClient
>          Issue Type: Bug
>          Components: HttpClient
>    Affects Versions: 4.5.1
>            Reporter: praveen
>
> Hello,
> I observed the server is setting secure=true flag on 2 cookies, and they are not being
sent with any further requests in HC 4.5.1 (i tried with earlier version, upto 4.3 as well),
even when the request is being sent to https url, thus the session with server is broken.
> wire logs snippets:
> ......
> 05 Feb 2016 22:51:31,936 [DEBUG] [org.apache.http.client.protocol.RequestAddCookies.process()
] CookieSpec selected: standard
> 05 Feb 2016 22:51:31,936 [DEBUG] [org.apache.http.client.protocol.RequestAddCookies.process()
] Cookie [version: 0][name: a-ogbcbff][value: 1][domain: amazon.com][path: /][expiry: Fri
Feb 05 23:04:30 IST 2016] match [www.amazon.com:443/gp/....]
> 05 Feb 2016 22:51:31,937 [DEBUG] [org.apache.http.client.protocol.RequestAddCookies.process()
] Cookie [version: 0][name: session-id][value: 187-0...118442][domain: amazon.com][path: /][expiry:
Tue Jan 01 13:30:01 IST 2036] match [www.amazon.com:443/gp/....]
> 05 Feb 2016 22:51:31,937 [DEBUG] [org.apache.http.client.protocol.RequestAddCookies.process()
] Cookie [version: 0][name: session-id-time][value: 2082787201l][domain: amazon.com][path:
/][expiry: Tue Jan 01 13:30:01 IST 2036] match [www.amazon.com:443/gp/....]
> 05 Feb 2016 22:51:31,937 [DEBUG] [org.apache.http.client.protocol.RequestAddCookies.process()
] Cookie [version: 0][name: session-token][value: bL7a..2OAg==][domain: amazon.com][path:
/][expiry: Thu Jan 31 22:50:38 IST 2036] match [www.amazon.com:443/gp/....]
> 05 Feb 2016 22:51:31,937 [DEBUG] [org.apache.http.client.protocol.RequestAddCookies.process()
] Cookie [version: 0][name: skin][value: noskin][domain: amazon.com][path: /][expiry: null]
match [www.amazon.com:443/gp/....]
> 05 Feb 2016 22:51:31,937 [DEBUG] [org.apache.http.client.protocol.RequestAddCookies.process()
] Cookie [version: 0][name: ubid-main][value: 185-8870350-8865056][domain: amazon.com][path:
/][expiry: Tue Jan 01 13:30:01 IST 2036] match [www.amazon.com:443/gp/....]
> 05 Feb 2016 22:51:31,938 [DEBUG] [org.apache.http.client.protocol.RequestAddCookies.process()
] Cookie [version: 0][name: x-main][value: 0A8G..QeW][domain: amazon.com][path: /][expiry:
Thu Jan 31 22:50:38 IST 2036] match [www.amazon.com:443/gp/....]
> 05 Feb 2016 22:51:31,938 [DEBUG] [org.apache.http.client.protocol.RequestAddCookies.process()
] Cookie [version: 0][name: x-wl-uid][value: 16a..28=][domain: amazon.com][path: /][expiry:
Tue Jan 01 13:30:01 IST 2036] match [www.amazon.com:443/gp/....]
> 05 Feb 2016 22:51:31,938 [DEBUG] [org.apache.http.client.protocol.RequestAuthCache.process()
] Auth cache not set in the context
> ..........
> whereas the cookie store at this request time held these cookies:
> [
>   { "name": "a-ogbcbff", "value": "1", "creationDate": 1454692838839, "path": "/", "comment":
null, "version": 0, "domain": "amazon.com", "secure": false, "expiryDate": 1454693670000,
"commentURL": null, "persistent": true, "ports": null
>   },
>   { "name": "at-main", "value": "5|X5..fS50", "creationDate": 1454692838841, "path":
"/", "comment": null, "version": 0, "domain": "amazon.com", "secure": true, "expiryDate":
2085412830000, "commentURL": null, "persistent": true, "ports": null
>   },
>   { "name": "sess-at-main", "value": "qEy..Sc=", "creationDate": 1454692838841, "path":
"/", "comment": null, "version": 0, "domain": "amazon.com", "secure": true, "expiryDate":
null, "commentURL": null, "persistent": false, "ports": null
>   },
>   { "name": "session-id", "value": "187-0721455-2118442", "creationDate": 1454692892527,
"path": "/", "comment": null, "version": 0, "domain": "amazon.com", "secure": false, "expiryDate":
2082787201000, "commentURL": null, "persistent": true, "ports": null
>   },
>   { "name": "session-id-time", "value": "2082787201l", "creationDate": 1454692892527,
"path": "/", "comment": null, "version": 0, "domain": "amazon.com", "secure": false, "expiryDate":
2082787201000, "commentURL": null, "persistent": true, "ports": null
>   },
>   { "name": "session-token", "value": "bL7a..Ag==", "creationDate": 1454692838840, "path":
"/", "comment": null, "version": 0, "domain": "amazon.com", "secure": false, "expiryDate":
2085412838840, "commentURL": null, "persistent": true, "ports": null
>   },
>   { "name": "skin", "value": "noskin", "creationDate": 1454692839279, "path": "/", "comment":
null, "version": 0, "domain": "amazon.com", "secure": false, "expiryDate": null, "commentURL":
null, "persistent": false, "ports": null
>   },
>   { "name": "ubid-main", "value": "185-8870350-8865056", "creationDate": 1454692892527,
"path": "/", "comment": null, "version": 0, "domain": "amazon.com", "secure": false, "expiryDate":
2082787201000, "commentURL": null, "persistent": true, "ports": null
>   },
>   { "name": "x-main", "value": "0A8G...h9QeW", "creationDate": 1454692838841, "path":
"/", "comment": null, "version": 0, "domain": "amazon.com", "secure": false, "expiryDate":
2085412838841, "commentURL": null, "persistent": true, "ports": null
>   },
>   { "name": "x-wl-uid", "value": "16aq..0C28=", "creationDate": 1454692839280, "path":
"/", "comment": null, "version": 0, "domain": "amazon.com", "secure": false, "expiryDate":
2082787201000, "commentURL": null, "persistent": true, "ports": null
>   }
> ]
> Interestingly, if i reset the secure flag to false of each cookie in the cookieStore
after the request was made, then everything goes fine and session is maintained. 
> Didn't capture that logs.. Will do and post again.
> I used below code to create the client:
> RequestConfig globalRequestConfig = RequestConfig.custom()
> .setCookieSpec(CookieSpecs.STANDARD)
> ......
> CloseableHttpClient httpClient = HttpClientBuilder.create()
> .setDefaultRequestConfig(globalRequestConfig)
> .setDefaultCookieStore(cookieStore)
> ..............
> Am i doing anything wrong, or is something missed, or is it a bug?
> Thanks



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org


Mime
View raw message