You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@shindig.apache.org by "Hasan Ceylan (JIRA)" <ji...@apache.org> on 2010/07/13 14:00:56 UTC
[jira] Created: (SHINDIG-1382) MakeRequestHandler keeps and sends
cookies regardless of contexes / users etc.
MakeRequestHandler keeps and sends cookies regardless of contexes / users etc.
-------------------------------------------------------------------------------
Key: SHINDIG-1382
URL: https://issues.apache.org/jira/browse/SHINDIG-1382
Project: Shindig
Issue Type: Bug
Components: Java
Affects Versions: 2.0.0-RC1
Environment: N/A
Reporter: Hasan Ceylan
Priority: Critical
AFAIK, shindig switched to http-comps as the http library.
This library by default just like a browser caches the cookies returned by the backend servers and re-uses those cookies all the time.
Attached patch resolves the issues by rejecting validation of cookies with a custom cookie policy.
Regards,
Hasan Ceylan
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Issue Comment Edited: (SHINDIG-1382) MakeRequestHandler
keeps and sends cookies regardless of contexes / users etc.
Posted by "Henry Saputra (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SHINDIG-1382?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12887894#action_12887894 ]
Henry Saputra edited comment on SHINDIG-1382 at 7/13/10 2:01 PM:
-----------------------------------------------------------------
Could you upload your patch to http://codereview.appspot.com/ for easy review?
was (Author: hsaputra):
Would you mind uploading your patch to http://codereview.appspot.com/ for easy review?
> MakeRequestHandler keeps and sends cookies regardless of contexes / users etc.
> -------------------------------------------------------------------------------
>
> Key: SHINDIG-1382
> URL: https://issues.apache.org/jira/browse/SHINDIG-1382
> Project: Shindig
> Issue Type: Bug
> Components: Java
> Affects Versions: 2.0.0-RC1
> Environment: N/A
> Reporter: Hasan Ceylan
> Priority: Critical
> Attachments: shindig-cookie.patch
>
>
> AFAIK, shindig switched to http-comps as the http library.
> This library by default just like a browser caches the cookies returned by the backend servers and re-uses those cookies all the time.
> Attached patch resolves the issues by rejecting validation of cookies with a custom cookie policy.
> Regards,
> Hasan Ceylan
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (SHINDIG-1382) MakeRequestHandler keeps and sends
cookies regardless of contexes / users etc.
Posted by "Hasan Ceylan (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SHINDIG-1382?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12887746#action_12887746 ]
Hasan Ceylan commented on SHINDIG-1382:
---------------------------------------
Simple minds, perfect solutions... :)
So the original issue is legit, right?
Any chance of incorporating the change (one or other way) into shindig source?
Regards,
Hasan Ceylan
> MakeRequestHandler keeps and sends cookies regardless of contexes / users etc.
> -------------------------------------------------------------------------------
>
> Key: SHINDIG-1382
> URL: https://issues.apache.org/jira/browse/SHINDIG-1382
> Project: Shindig
> Issue Type: Bug
> Components: Java
> Affects Versions: 2.0.0-RC1
> Environment: N/A
> Reporter: Hasan Ceylan
> Priority: Critical
> Attachments: shindig-cookie.patch
>
>
> AFAIK, shindig switched to http-comps as the http library.
> This library by default just like a browser caches the cookies returned by the backend servers and re-uses those cookies all the time.
> Attached patch resolves the issues by rejecting validation of cookies with a custom cookie policy.
> Regards,
> Hasan Ceylan
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (SHINDIG-1382) MakeRequestHandler keeps and sends
cookies regardless of contexes / users etc.
Posted by "Mat Mannion (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SHINDIG-1382?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Mat Mannion updated SHINDIG-1382:
---------------------------------
Attachment: shindig-1382.patch
> MakeRequestHandler keeps and sends cookies regardless of contexes / users etc.
> -------------------------------------------------------------------------------
>
> Key: SHINDIG-1382
> URL: https://issues.apache.org/jira/browse/SHINDIG-1382
> Project: Shindig
> Issue Type: Bug
> Components: Java
> Affects Versions: 2.0.0-RC1
> Environment: N/A
> Reporter: Hasan Ceylan
> Priority: Critical
> Attachments: shindig-1382.patch, shindig-cookie.patch
>
>
> AFAIK, shindig switched to http-comps as the http library.
> This library by default just like a browser caches the cookies returned by the backend servers and re-uses those cookies all the time.
> Attached patch resolves the issues by rejecting validation of cookies with a custom cookie policy.
> Regards,
> Hasan Ceylan
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (SHINDIG-1382) MakeRequestHandler keeps and sends
cookies regardless of contexes / users etc.
Posted by "Hasan Ceylan (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SHINDIG-1382?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12888071#action_12888071 ]
Hasan Ceylan commented on SHINDIG-1382:
---------------------------------------
Hey Henry,
Mat's solution looks better.
Would you still like mine to be uploaded?
> MakeRequestHandler keeps and sends cookies regardless of contexes / users etc.
> -------------------------------------------------------------------------------
>
> Key: SHINDIG-1382
> URL: https://issues.apache.org/jira/browse/SHINDIG-1382
> Project: Shindig
> Issue Type: Bug
> Components: Java
> Affects Versions: 2.0.0-RC1
> Environment: N/A
> Reporter: Hasan Ceylan
> Priority: Critical
> Attachments: shindig-1382.patch, shindig-cookie.patch
>
>
> AFAIK, shindig switched to http-comps as the http library.
> This library by default just like a browser caches the cookies returned by the backend servers and re-uses those cookies all the time.
> Attached patch resolves the issues by rejecting validation of cookies with a custom cookie policy.
> Regards,
> Hasan Ceylan
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (SHINDIG-1382) MakeRequestHandler keeps and sends
cookies regardless of contexes / users etc.
Posted by "Mat Mannion (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SHINDIG-1382?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12887911#action_12887911 ]
Mat Mannion commented on SHINDIG-1382:
--------------------------------------
For my part, I've uploaded the patch I suggested here: http://codereview.appspot.com/1825042/show
> MakeRequestHandler keeps and sends cookies regardless of contexes / users etc.
> -------------------------------------------------------------------------------
>
> Key: SHINDIG-1382
> URL: https://issues.apache.org/jira/browse/SHINDIG-1382
> Project: Shindig
> Issue Type: Bug
> Components: Java
> Affects Versions: 2.0.0-RC1
> Environment: N/A
> Reporter: Hasan Ceylan
> Priority: Critical
> Attachments: shindig-cookie.patch
>
>
> AFAIK, shindig switched to http-comps as the http library.
> This library by default just like a browser caches the cookies returned by the backend servers and re-uses those cookies all the time.
> Attached patch resolves the issues by rejecting validation of cookies with a custom cookie policy.
> Regards,
> Hasan Ceylan
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (SHINDIG-1382) MakeRequestHandler keeps and sends
cookies regardless of contexes / users etc.
Posted by "Henry Saputra (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SHINDIG-1382?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12890111#action_12890111 ]
Henry Saputra commented on SHINDIG-1382:
----------------------------------------
This is fixed with http://svn.apache.org/viewvc?rev=965649&view=rev commit.
> MakeRequestHandler keeps and sends cookies regardless of contexes / users etc.
> -------------------------------------------------------------------------------
>
> Key: SHINDIG-1382
> URL: https://issues.apache.org/jira/browse/SHINDIG-1382
> Project: Shindig
> Issue Type: Bug
> Components: Java
> Affects Versions: 2.0.0-RC1
> Environment: N/A
> Reporter: Hasan Ceylan
> Priority: Critical
> Attachments: shindig-1382.patch, shindig-cookie.patch
>
>
> AFAIK, shindig switched to http-comps as the http library.
> This library by default just like a browser caches the cookies returned by the backend servers and re-uses those cookies all the time.
> Attached patch resolves the issues by rejecting validation of cookies with a custom cookie policy.
> Regards,
> Hasan Ceylan
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (SHINDIG-1382) MakeRequestHandler keeps and sends
cookies regardless of contexes / users etc.
Posted by "Henry Saputra (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SHINDIG-1382?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12888113#action_12888113 ]
Henry Saputra commented on SHINDIG-1382:
----------------------------------------
Hasan, if you are ok with Mat's solution we could use it for review.
But your patch contain separate fix for DefaultJsUriManager.java right?
> MakeRequestHandler keeps and sends cookies regardless of contexes / users etc.
> -------------------------------------------------------------------------------
>
> Key: SHINDIG-1382
> URL: https://issues.apache.org/jira/browse/SHINDIG-1382
> Project: Shindig
> Issue Type: Bug
> Components: Java
> Affects Versions: 2.0.0-RC1
> Environment: N/A
> Reporter: Hasan Ceylan
> Priority: Critical
> Attachments: shindig-1382.patch, shindig-cookie.patch
>
>
> AFAIK, shindig switched to http-comps as the http library.
> This library by default just like a browser caches the cookies returned by the backend servers and re-uses those cookies all the time.
> Attached patch resolves the issues by rejecting validation of cookies with a custom cookie policy.
> Regards,
> Hasan Ceylan
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Issue Comment Edited: (SHINDIG-1382) MakeRequestHandler
keeps and sends cookies regardless of contexes / users etc.
Posted by "Mat Mannion (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SHINDIG-1382?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12887734#action_12887734 ]
Mat Mannion edited comment on SHINDIG-1382 at 7/13/10 8:42 AM:
---------------------------------------------------------------
Alternatively, we could modify BasicHttpFetcher to do:
client.removeRequestInterceptorByClass(RequestAddCookies.class);
client.removeResponseInterceptorByClass(ResponseProcessCookies.class);
was (Author: mmannion):
Alternatively, we could modify BasicHttpFetcher to do:
{code}
client.removeRequestInterceptorByClass(RequestAddCookies.class);
client.removeResponseInterceptorByClass(ResponseProcessCookies.class);
{code}
> MakeRequestHandler keeps and sends cookies regardless of contexes / users etc.
> -------------------------------------------------------------------------------
>
> Key: SHINDIG-1382
> URL: https://issues.apache.org/jira/browse/SHINDIG-1382
> Project: Shindig
> Issue Type: Bug
> Components: Java
> Affects Versions: 2.0.0-RC1
> Environment: N/A
> Reporter: Hasan Ceylan
> Priority: Critical
> Attachments: shindig-cookie.patch
>
>
> AFAIK, shindig switched to http-comps as the http library.
> This library by default just like a browser caches the cookies returned by the backend servers and re-uses those cookies all the time.
> Attached patch resolves the issues by rejecting validation of cookies with a custom cookie policy.
> Regards,
> Hasan Ceylan
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Closed: (SHINDIG-1382) MakeRequestHandler keeps and sends
cookies regardless of contexes / users etc.
Posted by "Henry Saputra (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SHINDIG-1382?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Henry Saputra closed SHINDIG-1382.
----------------------------------
Fix Version/s: 2.0.0
Resolution: Fixed
> MakeRequestHandler keeps and sends cookies regardless of contexes / users etc.
> -------------------------------------------------------------------------------
>
> Key: SHINDIG-1382
> URL: https://issues.apache.org/jira/browse/SHINDIG-1382
> Project: Shindig
> Issue Type: Bug
> Components: Java
> Affects Versions: 2.0.0-RC1
> Environment: N/A
> Reporter: Hasan Ceylan
> Priority: Critical
> Fix For: 2.0.0
>
> Attachments: shindig-1382.patch, shindig-cookie.patch
>
>
> AFAIK, shindig switched to http-comps as the http library.
> This library by default just like a browser caches the cookies returned by the backend servers and re-uses those cookies all the time.
> Attached patch resolves the issues by rejecting validation of cookies with a custom cookie policy.
> Regards,
> Hasan Ceylan
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (SHINDIG-1382) MakeRequestHandler keeps and sends
cookies regardless of contexes / users etc.
Posted by "Henry Saputra (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SHINDIG-1382?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12887894#action_12887894 ]
Henry Saputra commented on SHINDIG-1382:
----------------------------------------
Would you mind uploading your patch to http://codereview.appspot.com/ for easy review?
> MakeRequestHandler keeps and sends cookies regardless of contexes / users etc.
> -------------------------------------------------------------------------------
>
> Key: SHINDIG-1382
> URL: https://issues.apache.org/jira/browse/SHINDIG-1382
> Project: Shindig
> Issue Type: Bug
> Components: Java
> Affects Versions: 2.0.0-RC1
> Environment: N/A
> Reporter: Hasan Ceylan
> Priority: Critical
> Attachments: shindig-cookie.patch
>
>
> AFAIK, shindig switched to http-comps as the http library.
> This library by default just like a browser caches the cookies returned by the backend servers and re-uses those cookies all the time.
> Attached patch resolves the issues by rejecting validation of cookies with a custom cookie policy.
> Regards,
> Hasan Ceylan
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (SHINDIG-1382) MakeRequestHandler keeps and sends
cookies regardless of contexes / users etc.
Posted by "Mat Mannion (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SHINDIG-1382?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12887734#action_12887734 ]
Mat Mannion commented on SHINDIG-1382:
--------------------------------------
Alternatively, we could modify BasicHttpFetcher to do:
{code}
client.removeRequestInterceptorByClass(RequestAddCookies.class);
client.removeResponseInterceptorByClass(ResponseProcessCookies.class);
{code}
> MakeRequestHandler keeps and sends cookies regardless of contexes / users etc.
> -------------------------------------------------------------------------------
>
> Key: SHINDIG-1382
> URL: https://issues.apache.org/jira/browse/SHINDIG-1382
> Project: Shindig
> Issue Type: Bug
> Components: Java
> Affects Versions: 2.0.0-RC1
> Environment: N/A
> Reporter: Hasan Ceylan
> Priority: Critical
> Attachments: shindig-cookie.patch
>
>
> AFAIK, shindig switched to http-comps as the http library.
> This library by default just like a browser caches the cookies returned by the backend servers and re-uses those cookies all the time.
> Attached patch resolves the issues by rejecting validation of cookies with a custom cookie policy.
> Regards,
> Hasan Ceylan
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (SHINDIG-1382) MakeRequestHandler keeps and sends
cookies regardless of contexes / users etc.
Posted by "Hasan Ceylan (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SHINDIG-1382?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Hasan Ceylan updated SHINDIG-1382:
----------------------------------
Attachment: shindig-cookie.patch
Patch to resolve
> MakeRequestHandler keeps and sends cookies regardless of contexes / users etc.
> -------------------------------------------------------------------------------
>
> Key: SHINDIG-1382
> URL: https://issues.apache.org/jira/browse/SHINDIG-1382
> Project: Shindig
> Issue Type: Bug
> Components: Java
> Affects Versions: 2.0.0-RC1
> Environment: N/A
> Reporter: Hasan Ceylan
> Priority: Critical
> Attachments: shindig-cookie.patch
>
>
> AFAIK, shindig switched to http-comps as the http library.
> This library by default just like a browser caches the cookies returned by the backend servers and re-uses those cookies all the time.
> Attached patch resolves the issues by rejecting validation of cookies with a custom cookie policy.
> Regards,
> Hasan Ceylan
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (SHINDIG-1382) MakeRequestHandler keeps and sends
cookies regardless of contexes / users etc.
Posted by "Mat Mannion (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SHINDIG-1382?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12887763#action_12887763 ]
Mat Mannion commented on SHINDIG-1382:
--------------------------------------
Yes, we encountered this issue ourselves when we were injecting the BasicHttpFetcher into custom code, although I didn't really have time to investigate whether it affected other parts of Shindig; though I don't see why not.
I think this is important to go in, but I'm just a lowly user and part-time contributor. The dev list may have more of an opinion
> MakeRequestHandler keeps and sends cookies regardless of contexes / users etc.
> -------------------------------------------------------------------------------
>
> Key: SHINDIG-1382
> URL: https://issues.apache.org/jira/browse/SHINDIG-1382
> Project: Shindig
> Issue Type: Bug
> Components: Java
> Affects Versions: 2.0.0-RC1
> Environment: N/A
> Reporter: Hasan Ceylan
> Priority: Critical
> Attachments: shindig-cookie.patch
>
>
> AFAIK, shindig switched to http-comps as the http library.
> This library by default just like a browser caches the cookies returned by the backend servers and re-uses those cookies all the time.
> Attached patch resolves the issues by rejecting validation of cookies with a custom cookie policy.
> Regards,
> Hasan Ceylan
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.