[jira] [Created] (HADOOP-11443) hadoop.auth cookie has invalid Expires if used with non-US default Locale

["Gregory Chanan (JIRA)" <ji...@apache.org>]

Gregory Chanan created HADOOP-11443:
---------------------------------------

             Summary: hadoop.auth cookie has invalid Expires if used with non-US default Locale
                 Key: HADOOP-11443
                 URL: https://issues.apache.org/jira/browse/HADOOP-11443
             Project: Hadoop Common
          Issue Type: Bug
          Components: security
    Affects Versions: 2.5.0
            Reporter: Gregory Chanan
            Assignee: Gregory Chanan


The netscape cookie spec (http://curl.haxx.se/rfc/cookie_spec.html) does not specify the language of the EXPIRES attribute:

{code}
 The date string is formatted as:

    Wdy, DD-Mon-YYYY HH:MM:SS GMT

This is based on RFC 822, RFC 850, RFC 1036, and RFC 1123, with the variations that the only legal time zone is GMT and the separators between the elements of the date must be dashes. 
{code}

But RFC 822, lists the months as:
{code}
 month       =  "Jan"  /  "Feb" /  "Mar"  /  "Apr"
                 /  "May"  /  "Jun" /  "Jul"  /  "Aug"
                 /  "Sep"  /  "Oct" /  "Nov"  /  "Dec"
{code}

and some clients (i.e. httpclient) do not recognize Expires in other languages, so it's best to just use US English (which is the only Locale guaranteed to be supported by the jvm, see http://www.oracle.com/technetwork/articles/javase/locale-140624.html).



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)