You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@hc.apache.org by Tom Samplonius <to...@sdf.com> on 2003/04/19 23:41:41 UTC

Duplicated cookie bug?

  It seems that if redirect following is enabled, a request is redirected,
cookies are duplicated on the followup request:

2003/04/19 16:20:54:107 PDT [DEBUG] wire - ->> "Cookie: $Version=0;
ASPSESSIONIDQQGQGOQK=FCCPFHHBOFMALJCGMEFKOPKC; $Path=/[\r][\n]"
2003/04/19 16:20:54:107 PDT [DEBUG] wire - ->> "Cookie: $Version=0;
ASPSESSIONIDQQGQGOQK=FCCPFHHBOFMALJCGMEFKOPKC; $Path=/[\r][\n]"
2003/04/19 16:20:54:127 PDT [DEBUG] wire - ->> "[\r][\n]"


  I guess the cookie is added to the request object for the first request,
and when the request is redirected, the cookie is added to the request
object again and re-sent.


Tom

Re: Duplicated cookie bug?

Posted by Tom Samplonius <to...@sdf.com>.

  Missed information:  this was with Alpha 3, as well as with the 4-19
daily build.

Tom


On Sat, 19 Apr 2003, Tom Samplonius wrote:

> 
>   It seems that if redirect following is enabled, a request is redirected,
> cookies are duplicated on the followup request:
> 
> 2003/04/19 16:20:54:107 PDT [DEBUG] wire - ->> "Cookie: $Version=0;
> ASPSESSIONIDQQGQGOQK=FCCPFHHBOFMALJCGMEFKOPKC; $Path=/[\r][\n]"
> 2003/04/19 16:20:54:107 PDT [DEBUG] wire - ->> "Cookie: $Version=0;
> ASPSESSIONIDQQGQGOQK=FCCPFHHBOFMALJCGMEFKOPKC; $Path=/[\r][\n]"
> 2003/04/19 16:20:54:127 PDT [DEBUG] wire - ->> "[\r][\n]"
> 
> 
>   I guess the cookie is added to the request object for the first request,
> and when the request is redirected, the cookie is added to the request
> object again and re-sent.
> 
> 
> Tom
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: commons-httpclient-dev-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: commons-httpclient-dev-help@jakarta.apache.org
> 
> 
>

Re: Duplicated cookie bug?

Posted by Oleg Kalnichevski <o....@dplanet.ch>.

Fix applied. Thanks for reporting the bug, Tom.

Oleg

On Sun, 2003-04-20 at 22:06, Oleg Kalnichevski wrote:
> There does appear to be a problem with the way HttpClient adds cookies
> the the request. I'll try to reproduce the problem with a test case. If
> the assumption proves correct I'll try to sneak a fix in before Jandalf
> calls it beta-1 
> 
> Cheers
> 
> Oleg
> 
> On Sun, 2003-04-20 at 14:37, Michael Becke wrote:
> > Tom,
> > 
> > A little more information would be helpful.  In particular the full 
> > wire log of the headers for both the initial request and the resulting 
> > redirection would be good.
> > 
> > Only one cookie with the same name/path/domain can exist within each 
> > instance of HttpState.  Since both name and path seem to be the same in 
> > this case I would guess that the domains are different.  That would 
> > lead me to wonder why cookies with different domain values are being 
> > sent to one server.  A more complete wire log should be able to clear 
> > this up.
> > 
> > Thanks,
> > 
> > Mike
> > 
> > On Saturday, April 19, 2003, at 05:41 PM, Tom Samplonius wrote:
> > 
> > >
> > >   It seems that if redirect following is enabled, a request is 
> > > redirected,
> > > cookies are duplicated on the followup request:
> > >
> > > 2003/04/19 16:20:54:107 PDT [DEBUG] wire - ->> "Cookie: $Version=0;
> > > ASPSESSIONIDQQGQGOQK=FCCPFHHBOFMALJCGMEFKOPKC; $Path=/[\r][\n]"
> > > 2003/04/19 16:20:54:107 PDT [DEBUG] wire - ->> "Cookie: $Version=0;
> > > ASPSESSIONIDQQGQGOQK=FCCPFHHBOFMALJCGMEFKOPKC; $Path=/[\r][\n]"
> > > 2003/04/19 16:20:54:127 PDT [DEBUG] wire - ->> "[\r][\n]"
> > >
> > >
> > >   I guess the cookie is added to the request object for the first 
> > > request,
> > > and when the request is redirected, the cookie is added to the request
> > > object again and re-sent.
> > >
> > >
> > > Tom
> > >
> > >
> > > ---------------------------------------------------------------------
> > > To unsubscribe, e-mail: 
> > > commons-httpclient-dev-unsubscribe@jakarta.apache.org
> > > For additional commands, e-mail: 
> > > commons-httpclient-dev-help@jakarta.apache.org
> > >
> > 
> > 
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: commons-httpclient-dev-unsubscribe@jakarta.apache.org
> > For additional commands, e-mail: commons-httpclient-dev-help@jakarta.apache.org
> > 
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: commons-httpclient-dev-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: commons-httpclient-dev-help@jakarta.apache.org
>

Re: Duplicated cookie bug?

Posted by Oleg Kalnichevski <o....@dplanet.ch>.

There does appear to be a problem with the way HttpClient adds cookies
the the request. I'll try to reproduce the problem with a test case. If
the assumption proves correct I'll try to sneak a fix in before Jandalf
calls it beta-1 

Cheers

Oleg

On Sun, 2003-04-20 at 14:37, Michael Becke wrote:
> Tom,
> 
> A little more information would be helpful.  In particular the full 
> wire log of the headers for both the initial request and the resulting 
> redirection would be good.
> 
> Only one cookie with the same name/path/domain can exist within each 
> instance of HttpState.  Since both name and path seem to be the same in 
> this case I would guess that the domains are different.  That would 
> lead me to wonder why cookies with different domain values are being 
> sent to one server.  A more complete wire log should be able to clear 
> this up.
> 
> Thanks,
> 
> Mike
> 
> On Saturday, April 19, 2003, at 05:41 PM, Tom Samplonius wrote:
> 
> >
> >   It seems that if redirect following is enabled, a request is 
> > redirected,
> > cookies are duplicated on the followup request:
> >
> > 2003/04/19 16:20:54:107 PDT [DEBUG] wire - ->> "Cookie: $Version=0;
> > ASPSESSIONIDQQGQGOQK=FCCPFHHBOFMALJCGMEFKOPKC; $Path=/[\r][\n]"
> > 2003/04/19 16:20:54:107 PDT [DEBUG] wire - ->> "Cookie: $Version=0;
> > ASPSESSIONIDQQGQGOQK=FCCPFHHBOFMALJCGMEFKOPKC; $Path=/[\r][\n]"
> > 2003/04/19 16:20:54:127 PDT [DEBUG] wire - ->> "[\r][\n]"
> >
> >
> >   I guess the cookie is added to the request object for the first 
> > request,
> > and when the request is redirected, the cookie is added to the request
> > object again and re-sent.
> >
> >
> > Tom
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: 
> > commons-httpclient-dev-unsubscribe@jakarta.apache.org
> > For additional commands, e-mail: 
> > commons-httpclient-dev-help@jakarta.apache.org
> >
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: commons-httpclient-dev-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: commons-httpclient-dev-help@jakarta.apache.org
>

Re: Duplicated cookie bug?

Posted by Michael Becke <be...@u.washington.edu>.

Tom,

A little more information would be helpful.  In particular the full 
wire log of the headers for both the initial request and the resulting 
redirection would be good.

Only one cookie with the same name/path/domain can exist within each 
instance of HttpState.  Since both name and path seem to be the same in 
this case I would guess that the domains are different.  That would 
lead me to wonder why cookies with different domain values are being 
sent to one server.  A more complete wire log should be able to clear 
this up.

Thanks,

Mike

On Saturday, April 19, 2003, at 05:41 PM, Tom Samplonius wrote:

>
>   It seems that if redirect following is enabled, a request is 
> redirected,
> cookies are duplicated on the followup request:
>
> 2003/04/19 16:20:54:107 PDT [DEBUG] wire - ->> "Cookie: $Version=0;
> ASPSESSIONIDQQGQGOQK=FCCPFHHBOFMALJCGMEFKOPKC; $Path=/[\r][\n]"
> 2003/04/19 16:20:54:107 PDT [DEBUG] wire - ->> "Cookie: $Version=0;
> ASPSESSIONIDQQGQGOQK=FCCPFHHBOFMALJCGMEFKOPKC; $Path=/[\r][\n]"
> 2003/04/19 16:20:54:127 PDT [DEBUG] wire - ->> "[\r][\n]"
>
>
>   I guess the cookie is added to the request object for the first 
> request,
> and when the request is redirected, the cookie is added to the request
> object again and re-sent.
>
>
> Tom
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: 
> commons-httpclient-dev-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: 
> commons-httpclient-dev-help@jakarta.apache.org
>