You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@hc.apache.org by "Oleg Kalnichevski (Resolved) (JIRA)" <ji...@apache.org> on 2011/11/02 17:21:32 UTC

[jira] [Resolved] (HTTPCLIENT-1141) Cookie path is incorectly parsed

     [ https://issues.apache.org/jira/browse/HTTPCLIENT-1141?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Oleg Kalnichevski resolved HTTPCLIENT-1141.
-------------------------------------------

    Resolution: Invalid

Rosen

HttpClient 4.1.x and newer correctly identifies the cookie in question (Set-Cookie: debug_session=3bf3dc0a-9207-484c-bf22-a4e4c882f205; Path="" ) as a non-standard cookie and correctly applies Netscape Draft cookie policy to it. Netscape Draft does not specify any particular format for cookie attributes and therefore quote marks are considered to be a part of attribute value. The "" path obviously does not match the origin and the cookie gets rejected.

You can override this behavior by forcing HttpClient to use the Browser Compatibility cookie policy instead of the Best Match one.

Oleg
                
> Cookie path is incorectly parsed
> --------------------------------
>
>                 Key: HTTPCLIENT-1141
>                 URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1141
>             Project: HttpComponents HttpClient
>          Issue Type: Bug
>          Components: HttpClient
>    Affects Versions: 4.1.2
>         Environment: httpclient-4.1.2, httpcore-4.2-alpha2
>            Reporter: Rosen Anastasov
>
> A cookie (in my case the session cookie) is rejected because of incorrectly parsed cookie path value.
> The response header is Set-Cookie: debug_session=3bf3dc0a-9207-484c-bf22-a4e4c882f205; Path=""
> And the reported failure is:
> ResponseProcessCookies - Cookie rejected: "[version: 0][name: debug_session][value: 3bf3dc0a-9207-484c-bf22-a4e4c882f205][domain: localhost][path: ""][expiry: null]". Illegal path attribute """". Path of origin: "/abc"
> In older version of the client (4.0.1) the log looks like:
> ResponseProcessCookies - Cookie accepted: "[version: 0][name: debug_session][value: d8d0899b-e388-4f53-84b1-a6af36528340][domain: localhost][path: /][expiry: null]".
> So I suppose that the issue is related with the cookie path parsing.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org