You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@hc.apache.org by "Oleg Kalnichevski (JIRA)" <ji...@apache.org> on 2009/07/09 11:36:15 UTC

[jira] Updated: (HTTPCLIENT-859) BasicCookieStore treats cookies of the same name from the same host as duplicates, even if they have different paths

     [ https://issues.apache.org/jira/browse/HTTPCLIENT-859?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Oleg Kalnichevski updated HTTPCLIENT-859:
-----------------------------------------

    Attachment: HTTPCLIENT-859.patch

Please review the fix

Oleg

> BasicCookieStore treats cookies of the same name from the same host as duplicates, even if they have different paths
> --------------------------------------------------------------------------------------------------------------------
>
>                 Key: HTTPCLIENT-859
>                 URL: https://issues.apache.org/jira/browse/HTTPCLIENT-859
>             Project: HttpComponents HttpClient
>          Issue Type: Bug
>          Components: HttpClient
>    Affects Versions: 4.0 Beta 2
>            Reporter: Ben Perkins
>             Fix For: 4.0 Final
>
>         Attachments: HTTPCLIENT-859.patch
>
>
> The DefaultHttpClient is not handling cookies correctly when a single host returns multiple cookies of the same name but with separate paths.  For example, if a single instance of the client is used to access two different webapps on the same server, it may receive two different JSESSIONID cookies:
> Cookie: [version: 0][name: JSESSIONID][value: F832C01D23F501CE5EEB296B602700C1][domain: lglom139.example.com][path: /msa-adrenalina][expiry: null]
> Cookie: [version: 0][name: JSESSIONID][value: 0FC660347391B93267168F84F2B520F5][domain: lglom139.example.com][path: /maps][expiry: null]
> Because the CookieIdentityComparator class does not test the cookie path when determining equality, each new JSESSIONID received replaces the previous one instead of adding a new cookie to the store.  This results in "disconnecting" the client from its sessions on the prior webapps.
> I've confirmed that adding a path test to CookieIdentityComparator resolves this problem.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org