You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@karaf.apache.org by "Aleksy Wróblewski (Jira)" <ji...@apache.org> on 2023/03/02 17:46:00 UTC

[jira] [Updated] (KARAF-7674) HTTP ProxyServlet cookie name issue

     [ https://issues.apache.org/jira/browse/KARAF-7674?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Aleksy Wróblewski updated KARAF-7674:
-------------------------------------
    Description: 
When using HTTP proxy (via http:proxy-add, or ProxyService, or by setting the proxies in org.apache.karaf.http.core.cfg), I get 
java.lang.IllegalArgumentException: Cookie name "!Proxy!class org.apache.karaf.http.core.internal.proxy.ProxyServlet_1927919381JSESSIONID" is a reserved token
at javax.servlet.http.Cookie.<init>([Cookie.java:139|http://cookie.java:139/])
at org.apache.karaf.http.core.internal.proxy.ProxyServlet.copyProxyCookie([ProxyServlet.java:328|http://proxyservlet.java:328/])
 
This makes sense since cookies should not contain whitespace, but looking at the code, the class name is used for the cookie prefix:
{code:java}
   /**
     * The string prefixing rewritten cookies.
     */
    protected String getCookieNamePrefix() {
        return "!Proxy!" + getServletConfig().getServletName();
    }
{code}
If I rebuild org.apache.karaf.http locally with the method just being
{code}return "!Proxy!{code}
then the http proxy works fine again.

I think this assumes that the servlet has a meaningful name, but in my case it's the class name. It is a Karaf instance built from karaf-maven-plugin assembly. Maybe it's a matter of jetty.xml or other configuration. 


  was:
When using HTTP proxy (via http:proxy-add, or ProxyService, or by setting the proxies in org.apache.karaf.http.core.cfg), I get 
java.lang.IllegalArgumentException: Cookie name "!Proxy!class org.apache.karaf.http.core.internal.proxy.ProxyServlet_1927919381JSESSIONID" is a reserved token
at javax.servlet.http.Cookie.<init>([Cookie.java:139|http://cookie.java:139/])
at org.apache.karaf.http.core.internal.proxy.ProxyServlet.copyProxyCookie([ProxyServlet.java:328|http://proxyservlet.java:328/])
 
This makes sense since cookies should not contain whitespace, but looking at the code, the class name is used for the cookie prefix:
{code:java}
   /**
     * The string prefixing rewritten cookies.
     */
    protected String getCookieNamePrefix() {
        return "!Proxy!" + getServletConfig().getServletName();
    }
{code}
If I rebuild org.apache.karaf.http locally with the method just being _return "!Proxy!_
then the http proxy works fine again.

I think this assumes that the servlet has a meaningful name, but in my case it's the class name. It is a Karaf instance built from karaf-maven-plugin assembly. Maybe it's a matter of jetty.xml or other configuration. 



> HTTP ProxyServlet cookie name issue
> -----------------------------------
>
>                 Key: KARAF-7674
>                 URL: https://issues.apache.org/jira/browse/KARAF-7674
>             Project: Karaf
>          Issue Type: Bug
>    Affects Versions: 4.4.3
>            Reporter: Aleksy Wróblewski
>            Priority: Major
>
> When using HTTP proxy (via http:proxy-add, or ProxyService, or by setting the proxies in org.apache.karaf.http.core.cfg), I get 
> java.lang.IllegalArgumentException: Cookie name "!Proxy!class org.apache.karaf.http.core.internal.proxy.ProxyServlet_1927919381JSESSIONID" is a reserved token
> at javax.servlet.http.Cookie.<init>([Cookie.java:139|http://cookie.java:139/])
> at org.apache.karaf.http.core.internal.proxy.ProxyServlet.copyProxyCookie([ProxyServlet.java:328|http://proxyservlet.java:328/])
>  
> This makes sense since cookies should not contain whitespace, but looking at the code, the class name is used for the cookie prefix:
> {code:java}
>    /**
>      * The string prefixing rewritten cookies.
>      */
>     protected String getCookieNamePrefix() {
>         return "!Proxy!" + getServletConfig().getServletName();
>     }
> {code}
> If I rebuild org.apache.karaf.http locally with the method just being
> {code}return "!Proxy!{code}
> then the http proxy works fine again.
> I think this assumes that the servlet has a meaningful name, but in my case it's the class name. It is a Karaf instance built from karaf-maven-plugin assembly. Maybe it's a matter of jetty.xml or other configuration. 



--
This message was sent by Atlassian Jira
(v8.20.10#820010)