You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@hc.apache.org by bu...@apache.org on 2005/09/01 11:43:35 UTC

DO NOT REPLY [Bug 36457] New: - Two identical cookies sent back to server

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG�
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=36457>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND�
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=36457

           Summary: Two identical cookies sent back to server
           Product: HttpClient
           Version: 3.0 RC3
          Platform: Other
        OS/Version: Windows XP
            Status: NEW
          Severity: normal
          Priority: P2
         Component: Commons HttpClient
        AssignedTo: httpclient-dev@jakarta.apache.org
        ReportedBy: r.schwietzke@reneschwietzke.de


Coding an htmlunit test against an ecommerce system, that updates a certain
cookie with each request, I found, that the cookie exists more than once under
the same name and is sent back twice in the same header.

httpclient.wire.header - >> "POST
/on/store/WFS/Demos-YourShopHere-Site/en_US/-/USD/ViewRequisition-Dispatch;pgid=CCVSS01a6wk000INEFWJ5mk30000Cg8A7CVX
HTTP/1.1[\r][\n]"
httpclient.wire.header - >> "User-Agent: Mozilla/4.0 (compatible; MSIE
6.0b)[\r][\n]"
httpclient.wire.header - >> "Host: ahostfortesting.com[\r][\n]"
httpclient.wire.header - >> "Cookie: $Version=0;
dwrequestid=fSIHAUMWxRV7AwAK[\r][\n]"
httpclient.wire.header - >> "Cookie: $Version=0;
dwrequestid=fSL7AEMWxQZ7AwAK[\r][\n]"
httpclient.wire.header - >> "Cookie: $Version=0;
sid=9rNhJol-i5FwJspoM7UaJYl0udvtgcYWehQ=; $Path=/[\r][\n]"
httpclient.wire.header - >> "Content-Length: 17[\r][\n]"
httpclient.wire.header - >> "Content-Type:
application/x-www-form-urlencoded[\r][\n]"
httpclient.wire.header - >> "[\r][\n]"

The header set-cookie code for these cookies:
Request 1:
DEBUG - httpclient.wire.header - << "Set-Cookie:
dwrequestid=fSL7AEMWxQZ7AwAK[\r][\n]"

Request 2:
DEBUG - httpclient.wire.header - << "Set-Cookie:
dwrequestid=fSIBAUMWxQ17AwAK[\r][\n]"

RFC2109 means:
4.3.3  Cookie Management

   If a user agent receives a Set-Cookie response header whose NAME is
   the same as a pre-existing cookie, and whose Domain and Path
   attribute values exactly (string) match those of a pre-existing
   cookie, the new cookie supersedes the old...

Any ideas?

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: httpclient-dev-help@jakarta.apache.org