You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@knox.apache.org by "Sandeep More (Jira)" <ji...@apache.org> on 2021/02/25 16:10:00 UTC
[jira] [Created] (KNOX-2538) JSESSIONID cookie missing when
Zeppelin UI proxied via Knox
Sandeep More created KNOX-2538:
----------------------------------
Summary: JSESSIONID cookie missing when Zeppelin UI proxied via Knox
Key: KNOX-2538
URL: https://issues.apache.org/jira/browse/KNOX-2538
Project: Apache Knox
Issue Type: Bug
Components: Server
Reporter: Sandeep More
Assignee: Sandeep More
Fix For: 1.6.0
Sometimes Knox gateway sends back Set-Cookie header in not proper formatted way, mix attribute order
{code}
properly formatted SET-COOKIE response (start with JSESSIONID)
GET /zeppelin/api/security/ticket
Set-Cookie: JSESSIONID=ba760126-414f-406d-baa1-99e14eb47656; SameSite=none; Secure; Path=/; HttpOnly
{code}
{code}
not properly formatted SET-COOKIE response
GET /zeppelin/api/security/ticket
Set-Cookie: SameSite=none; Secure; Path=/; JSESSIONID=b2934cd3-820a-47da-a9b8-4b3af3284502; HttpOnly
{code}
_Informally, the Set-Cookie response header contains the header name "Set-Cookie" followed by a ":" and a cookie. Each cookie begins with a name-value-pair, followed by zero or more attribute-value pairs. _
- [Set-Cookie specification|https://tools.ietf.org/html/rfc6265#section-4.1.1]
Not properly formatted SET-COOKIE issue is not always present, sometimes it is working, sometimes is not. Please try a couple of times to reproduce this issue, If the JSESSIONID cookie presents, remove it manually and refresh the page to simulate session timeout case.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)