hc-httpclient-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Reinhard Pagitsch <reinhard.pagit...@isis-papyrus.com>
Subject Re: HttpClient and cookies
Date Tue, 21 Oct 2008 06:45:26 GMT
Hello Joseph,

But why my Browsers (FF and IE) are sending the cookies back 
"correctly"? Or the Browsers are also "broken"?

Thank you,
Reinhard

Joseph Mocker wrote:
> It sounds like your webserver, or whatever is generating & processing 
> the session cookie, is in error. From my reads of RFC2109 & RFC2068, 
> quotes are reserved characters, they are not allowed in the cookie value.
>
> They say the cookie value can be either
>
>                     token | quoted-string
>
> where
>
>          token          = 1*<any CHAR except CTLs or tspecials>
>
>          tspecials      = "(" | ")" | "<" | ">" | "@"
>                         | "," | ";" | ":" | "\" | <">
>                         | "/" | "[" | "]" | "?" | "="
>                         | "{" | "}" | SP | HT
>
> and
>
>          quoted-string  = ( <"> *(qdtext) <"> )
>
>          qdtext         = <any TEXT except <">>
>
>
> So in your example, the quoted-string form is used, therefore the 
> quotes are not part of the cookie value.
>
> Perhaps one of the developers can comment?
>
>  --joe
>
>
> Reinhard Pagitsch wrote:
>> Hello to all,
>>
>> From our webserver I get a session cookie in the form 
>> POSESSIONID="dfgsdfgsdg="
>> But the HTTPClient sends back the cookie in the form 
>> POSESSIONID=dfgsdfgsdg=.
>> Therefore no authentication is done. Is there a way to configure the 
>> HttpClient to send back
>> the session cookie as it is and do no modifications?
>>
>> Thank you,
>> Reinhard
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: httpclient-users-unsubscribe@hc.apache.org
>> For additional commands, e-mail: httpclient-users-help@hc.apache.org
>>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: httpclient-users-unsubscribe@hc.apache.org
> For additional commands, e-mail: httpclient-users-help@hc.apache.org
>
>

-- 
Reinhard Pagitsch
IBA Team
ISIS Information Systems
Alter Wienerweg 12
A-2344 Ma. Enzersdorf, Austria
Phone: +43-2236-27551-219
Fax: +43-2236-21081
E-mail: reinhard.pagitsch@isis-papyrus.com
Product Support: +43-2236-27551-111
Open a support case via the ISIS Support Case Order Form:
http://www.isis-papyrus.com/e/pages/forms/2/hlorderform.html
Visit the ISIS Website: http://www.isis-papyrus.com
-----------------------------------------------------------------------
This e-mail is only intended for the recipient and not legally binding.
Unauthorised use, publication, reproduction or disclosure of the content
of this e-mail is not permitted. This email has been checked for known
viruses, but ISIS accepts no responsibility for malicious or 
inappropriate content.
-----------------------------------------------------------------------

---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-users-unsubscribe@hc.apache.org
For additional commands, e-mail: httpclient-users-help@hc.apache.org


Mime
View raw message