You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@tomcat.apache.org by James Tolles <to...@corp.earthlink.net> on 2003/04/25 01:03:10 UTC

Tomcat JSESSINID cokie has "null" domain.

Thanks in advance - this is probably a stupid question:

 

Seems like, our cookies have "null" for a domain - how can a cookie have a
null domain?

 

We wrote this jsp and put it under webapps/examples/login.jsp

 

<%@page import="java.util.*,javax.servlet.http.*"%>

<%

 

    System.out.println("*****************************in
?webapps/examples/login1.jsp line 3");

        javax.servlet.http.Cookie[] cks = request.getCookies();

        if (cks != null){

          System.out.println("number of cookies = " + cks.length);

          for (int i=0; i<cks.length; i++){

              System.out.println("cks[" + i + "] = " + cks[i]);

              System.out.println("cks[" + i + "].getName() = " +
cks[i].getName() );

              System.out.println("cks[" + i + "].getDomain() = " +
cks[i].getDomain() );

              System.out.println("cks[" + i + "].getPath() = " +
cks[i].getPath() );

              System.out.println("cks[" + i + "].getValue() = " +
cks[i].getValue() );

          }

        }

 

%>

<html>

<body>

<h1>in webapps/examples/login1.jsp</h1>

</html>

 

 

On the first access, http://localhost:8080/examples/login1.jsp the cookie
count is 0.

On reload, there is one cookie: JSESSIONID - but the domain is null?

We tried the same test on tomcat 4.1.24 and tomcat 3.2.4

 

It seems like the browser returns a cookie with null in the domain?

 

Thanks

  James

Re: Tomcat JSESSINID cokie has "null" domain.

Posted by Chris Cheshire <cc...@bigredwire.com>.

I wrote a similar thing as a servlet for my cookies a while ago. 
Everything but the name and the value is null or not set, regardless of 
the values I set them to. This may be some kind of security thing with 
cookies, I don't know. Netscape 6 (and probably all Gecko derivatives) 
has a way to view the contents of the cookie that correctly shows the 
domain, max age, path etc.

HTH

Chris

James Tolles wrote:

>Thanks in advance - this is probably a stupid question:
>
> 
>
>Seems like, our cookies have "null" for a domain - how can a cookie have a
>null domain?
>
> 
>
>We wrote this jsp and put it under webapps/examples/login.jsp
>
> 
>
><%@page import="java.util.*,javax.servlet.http.*"%>
>
><%
>
> 
>
>    System.out.println("*****************************in
>?webapps/examples/login1.jsp line 3");
>
>        javax.servlet.http.Cookie[] cks = request.getCookies();
>
>        if (cks != null){
>
>          System.out.println("number of cookies = " + cks.length);
>
>          for (int i=0; i<cks.length; i++){
>
>              System.out.println("cks[" + i + "] = " + cks[i]);
>
>              System.out.println("cks[" + i + "].getName() = " +
>cks[i].getName() );
>
>              System.out.println("cks[" + i + "].getDomain() = " +
>cks[i].getDomain() );
>
>              System.out.println("cks[" + i + "].getPath() = " +
>cks[i].getPath() );
>
>              System.out.println("cks[" + i + "].getValue() = " +
>cks[i].getValue() );
>
>          }
>
>        }
>
> 
>
>%>
>
><html>
>
><body>
>
><h1>in webapps/examples/login1.jsp</h1>
>
></html>
>
> 
>
> 
>
>On the first access, http://localhost:8080/examples/login1.jsp the cookie
>count is 0.
>
>On reload, there is one cookie: JSESSIONID - but the domain is null?
>
>We tried the same test on tomcat 4.1.24 and tomcat 3.2.4
>
> 
>
>It seems like the browser returns a cookie with null in the domain?
>
> 
>
>Thanks
>
>  James
>
> 
>
> 
>
>
>  
>




---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org

RE: Tomcat JSESSINID cokie has "null" domain.

Posted by James Tolles <to...@corp.earthlink.net>.

Yes thank you - I see it in the servlet 2.3 spec:

SRV.4.6 Cookies
The HttpServletRequest interface provides the getCookies method to obtain an
array of cookies that are present in the request. These cookies are data
sent from the client to the server on every request that the client makes.
Typically, the only information that the client sends back as part of a
cookie is the cookie name and the cookie value. Other cookie attributes that
can be set when the cookie is sent to the browser, such as comments, are not
typically returned.

-----Original Message-----
From: Chris Cheshire [mailto:ccheshire@bigredwire.com] 
Sent: Thursday, April 24, 2003 4:20 PM
To: Tomcat Users List
Subject: Re: Tomcat JSESSINID cokie has "null" domain.

Ahhh thanks Tim, that explains it :)

Chris

Tim Funk wrote:

> Web browsers only send the cookie name and value to the server. That 
> is all and nothing else.
>
> Web browsers do not send:
> - domain
> - expiration
> - path
> - or anythng else
>
> -Tim
>
> James Tolles wrote:
>
>> Thanks in advance - this is probably a stupid question:
>>
>>  
>>
>> Seems like, our cookies have "null" for a domain - how can a cookie 
>> have a
>> null domain?
>>
>>  
>>
>> We wrote this jsp and put it under webapps/examples/login.jsp
>>
>>  
>>
>> <%@page import="java.util.*,javax.servlet.http.*"%>
>>
>> <%
>>
>>  
>>
>>     System.out.println("*****************************in
>> ?webapps/examples/login1.jsp line 3");
>>
>>         javax.servlet.http.Cookie[] cks = request.getCookies();
>>
>>         if (cks != null){
>>
>>           System.out.println("number of cookies = " + cks.length);
>>
>>           for (int i=0; i<cks.length; i++){
>>
>>               System.out.println("cks[" + i + "] = " + cks[i]);
>>
>>               System.out.println("cks[" + i + "].getName() = " +
>> cks[i].getName() );
>>
>>               System.out.println("cks[" + i + "].getDomain() = " +
>> cks[i].getDomain() );
>>
>>               System.out.println("cks[" + i + "].getPath() = " +
>> cks[i].getPath() );
>>
>>               System.out.println("cks[" + i + "].getValue() = " +
>> cks[i].getValue() );
>>
>>           }
>>
>>         }
>>
>>  
>>
>> %>
>>
>> <html>
>>
>> <body>
>>
>> <h1>in webapps/examples/login1.jsp</h1>
>>
>> </html>
>>
>>  
>>
>>  
>>
>> On the first access, http://localhost:8080/examples/login1.jsp the 
>> cookie
>> count is 0.
>>
>> On reload, there is one cookie: JSESSIONID - but the domain is null?
>>
>> We tried the same test on tomcat 4.1.24 and tomcat 3.2.4
>>
>>  
>>
>> It seems like the browser returns a cookie with null in the domain?
>>
>>  
>>
>> Thanks
>>
>>   James
>>
>>  
>>
>>  
>>
>>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
>
>




---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org

Re: Tomcat JSESSINID cokie has "null" domain.

Posted by Chris Cheshire <cc...@bigredwire.com>.

Ahhh thanks Tim, that explains it :)

Chris

Tim Funk wrote:

> Web browsers only send the cookie name and value to the server. That 
> is all and nothing else.
>
> Web browsers do not send:
> - domain
> - expiration
> - path
> - or anythng else
>
> -Tim
>
> James Tolles wrote:
>
>> Thanks in advance - this is probably a stupid question:
>>
>>  
>>
>> Seems like, our cookies have "null" for a domain - how can a cookie 
>> have a
>> null domain?
>>
>>  
>>
>> We wrote this jsp and put it under webapps/examples/login.jsp
>>
>>  
>>
>> <%@page import="java.util.*,javax.servlet.http.*"%>
>>
>> <%
>>
>>  
>>
>>     System.out.println("*****************************in
>> ?webapps/examples/login1.jsp line 3");
>>
>>         javax.servlet.http.Cookie[] cks = request.getCookies();
>>
>>         if (cks != null){
>>
>>           System.out.println("number of cookies = " + cks.length);
>>
>>           for (int i=0; i<cks.length; i++){
>>
>>               System.out.println("cks[" + i + "] = " + cks[i]);
>>
>>               System.out.println("cks[" + i + "].getName() = " +
>> cks[i].getName() );
>>
>>               System.out.println("cks[" + i + "].getDomain() = " +
>> cks[i].getDomain() );
>>
>>               System.out.println("cks[" + i + "].getPath() = " +
>> cks[i].getPath() );
>>
>>               System.out.println("cks[" + i + "].getValue() = " +
>> cks[i].getValue() );
>>
>>           }
>>
>>         }
>>
>>  
>>
>> %>
>>
>> <html>
>>
>> <body>
>>
>> <h1>in webapps/examples/login1.jsp</h1>
>>
>> </html>
>>
>>  
>>
>>  
>>
>> On the first access, http://localhost:8080/examples/login1.jsp the 
>> cookie
>> count is 0.
>>
>> On reload, there is one cookie: JSESSIONID - but the domain is null?
>>
>> We tried the same test on tomcat 4.1.24 and tomcat 3.2.4
>>
>>  
>>
>> It seems like the browser returns a cookie with null in the domain?
>>
>>  
>>
>> Thanks
>>
>>   James
>>
>>  
>>
>>  
>>
>>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
>
>




---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org

Re: Tomcat JSESSINID cokie has "null" domain.

Posted by Tim Funk <fu...@joedog.org>.

Web browsers only send the cookie name and value to the server. That is all 
and nothing else.

Web browsers do not send:
- domain
- expiration
- path
- or anythng else

-Tim

James Tolles wrote:
> Thanks in advance - this is probably a stupid question:
> 
>  
> 
> Seems like, our cookies have "null" for a domain - how can a cookie have a
> null domain?
> 
>  
> 
> We wrote this jsp and put it under webapps/examples/login.jsp
> 
>  
> 
> <%@page import="java.util.*,javax.servlet.http.*"%>
> 
> <%
> 
>  
> 
>     System.out.println("*****************************in
> ?webapps/examples/login1.jsp line 3");
> 
>         javax.servlet.http.Cookie[] cks = request.getCookies();
> 
>         if (cks != null){
> 
>           System.out.println("number of cookies = " + cks.length);
> 
>           for (int i=0; i<cks.length; i++){
> 
>               System.out.println("cks[" + i + "] = " + cks[i]);
> 
>               System.out.println("cks[" + i + "].getName() = " +
> cks[i].getName() );
> 
>               System.out.println("cks[" + i + "].getDomain() = " +
> cks[i].getDomain() );
> 
>               System.out.println("cks[" + i + "].getPath() = " +
> cks[i].getPath() );
> 
>               System.out.println("cks[" + i + "].getValue() = " +
> cks[i].getValue() );
> 
>           }
> 
>         }
> 
>  
> 
> %>
> 
> <html>
> 
> <body>
> 
> <h1>in webapps/examples/login1.jsp</h1>
> 
> </html>
> 
>  
> 
>  
> 
> On the first access, http://localhost:8080/examples/login1.jsp the cookie
> count is 0.
> 
> On reload, there is one cookie: JSESSIONID - but the domain is null?
> 
> We tried the same test on tomcat 4.1.24 and tomcat 3.2.4
> 
>  
> 
> It seems like the browser returns a cookie with null in the domain?
> 
>  
> 
> Thanks
> 
>   James
> 
>  
> 
>  
> 
> 


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org