hc-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Oliver Stöneberg (JIRA) <j...@apache.org>
Subject [jira] [Created] (HTTPCLIENT-1763) Invalid 'expires' attribute
Date Tue, 23 Aug 2016 11:57:20 GMT
Oliver Stöneberg created HTTPCLIENT-1763:
--------------------------------------------

             Summary: Invalid 'expires' attribute
                 Key: HTTPCLIENT-1763
                 URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1763
             Project: HttpComponents HttpClient
          Issue Type: Bug
    Affects Versions: 4.5.2
            Reporter: Oliver Stöneberg


We updated HttpClient from 4.3.6 to 4.5.2 and suddenly these warnings started appearing:

[org.apache.http.client.protocol.ResponseProcessCookies] Invalid cookie header: "Set-Cookie:
PLAY_SESSION=; Max-Age=0; Expires=Tue, 23 Aug 2016 11:40:12 GMT; Path=/; Secure; HTTPOnly".
Invalid 'expires' attribute: Tue, 23 Aug 2016 11:40:12 GMT

Looks like this is actually a valid date according to several references:
https://en.wikipedia.org/wiki/HTTP_cookie#Expires_and_Max-Age
https://issues.apache.org/jira/browse/HTTPCLIENT-773
https://issues.apache.org/jira/browse/HTTPCLIENT-1077
https://issues.apache.org/jira/browse/HTTPCLIENT-923

We are not using any specific sookie spec, so CookieSpecs.DEFAULT is being used.

Looking at the source DefaultCookieSpec is being used which detects the netscape format by
looking at "expires" in the "Set-Cookie" handler which leads to NetscapeDraftSpec feeding
BasicExpiresHandler the NetscapeDraftSpec.EXPIRES_PATTERN which looks wrong to me.




--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org


Mime
View raw message