hc-httpclient-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Oleg Kalnichevski <ol...@apache.org>
Subject Re: Cookie BestMatchSpec differences between 4.0-b2 and 4.0-rc1
Date Tue, 07 Jul 2009 21:23:39 GMT
Sam Crawford wrote:
> Afternoon all,
> As mentioned in my previous mail, we've just moved to 4.0-rc1 from 4.0-b2.
> We've just had a report of a strange application issue, which appears to
> stem from a persistent cookie being rejected by HttpClient's BestMatchSpec.
> I've tried visiting the same page that sends the cookie in 4.0b2 and it
> accepts it just fine.
> 
> Log from the error is shown below.
> 
> I've tried using BrowserCompatSpec instead, and that seems to solve it, but
> I'm hesitant to move to that without running this issue past people here
> first. The expires attribute *looks* okay to me, but I'll gladly defer to
> your better cookie specification knowledge!
> 
> Thanks,
> 
> Sam
> 
> 
> 
> [DEBUG] headers - << Set-Cookie:
> SESSf0c10f7f3c24e332bd057d860365d74c=kh1ic3aas0q476fjglvjoa58r2;
> expires=Thu, 30 Jul 2009 18:51:39 GMT; path=/; domain=.
> subdomain.company.com#]
> 

Sam,

Based on the properties of the cookie HttpClient picked up Netscape 
Draft cookie spec, because only this specification permits commas in 
values that are not enclosed with quotes. Prior to 4.0-rc1 
BrowserCompatSpec was chosen, which I felt was wrong.


The trouble is that according to the Netscape draft, the expiry date is 
expected to be in the following format:

'EEE, dd-MMM-yyyy HH:mm:ss z'

As a result the cookie gets rejected.

There are two possibilities to work the problem around:

(1) Override the date format using 'http.protocol.cookie-datepatterns' 
parameter. This value will apply to all cookie specs.

(2) Set the browser compatibility cookie spec for that particular host 
using the 'http.protocol.cookie-policy' parameter on the HTTP request level.

Hope this helps

Oleg


> [DEBUG] ResponseProcessCookies - Cookie accepted: "[version: 0][name:
> SESSf0c10f7f3c24e332bd057d860365d74c][value:
> kh1ic3aas0q476fjglvjoa58r2][domain: .subdomain.company.com][path: /][expiry:
> Thu Jul 30 19:51:39 BST 2009]". |#]
> 
> [WARN] ResponseHandlerFactory - Received malformed cookie:
> org.apache.http.cookie.MalformedCookieException: Unable to parse expires
> attribute: Thu, 30 Jul 2009 18:51:39 GMT
> 
>         at
> org.apache.http.impl.cookie.BasicExpiresHandler.parse(BasicExpiresHandler.java:67)
> 
>         at
> org.apache.http.impl.cookie.CookieSpecBase.parse(CookieSpecBase.java:94)
> 
>         at
> org.apache.http.impl.cookie.NetscapeDraftSpec.parse(NetscapeDraftSpec.java:143)
> 
>         at
> org.apache.http.impl.cookie.BestMatchSpec.parse(BestMatchSpec.java:130)
> 
>         ...
> 
>         at
> com.sun.enterprise.web.connector.grizzly.DefaultReadTask.doTask(DefaultReadTask.java:263)
> 
>         at
> com.sun.enterprise.web.connector.grizzly.DefaultReadTask.doTask(DefaultReadTask.java:214)
> 
>         at
> com.sun.enterprise.web.connector.grizzly.TaskBase.run(TaskBase.java:265)
> 
>         at
> com.sun.enterprise.web.connector.grizzly.ssl.SSLWorkerThread.run(SSLWorkerThread.java:106)
> 
> |#]
> 


---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-users-unsubscribe@hc.apache.org
For additional commands, e-mail: httpclient-users-help@hc.apache.org


Mime
View raw message