You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@commons.apache.org by bu...@apache.org on 2002/04/19 01:42:48 UTC

DO NOT REPLY [Bug 8287] New: - should allow receiving secure cookies from non-secure chanel

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://nagoya.apache.org/bugzilla/show_bug.cgi?id=8287>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=8287

should allow receiving secure cookies from non-secure chanel

           Summary: should allow receiving secure cookies from non-secure
                    chanel
           Product: Commons
           Version: Nightly Builds
          Platform: Other
        OS/Version: Other
            Status: NEW
          Severity: Normal
          Priority: Other
         Component: HttpClient
        AssignedTo: commons-dev@jakarta.apache.org
        ReportedBy: xiaowei@stratify.com


Currently, httpclient will throw an exception if a secure cookie is received 
from a non-secure chanel. Although RFC doesn't specify explicitly on if the 
client should allow receiving secure cookie from non-secure channel, the 
default setting in browser seems to allow it.

Try the following link in IE:

http://www.snapfish.com

The default cookie policy in httpclient should be the same.

--
To unsubscribe, e-mail:   <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>