[ https://issues.apache.org/jira/browse/GERONIMO-3861?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Rick McGuire resolved GERONIMO-3861. ------------------------------------ Resolution: Fixed Committed revision 631262. 1.1.5 version only. I've only committed these changes to the 1.1.5 version. When I try to apply the same changes to the 2.0 version, I'm getting 3 test failures that all appear to be the same problem, but I'm not sure why. This NullPointerException appears to be because there's no CURRENT_REQUEST attribute on the session, but the test is setting the attribute. I don't have time to chase after this one at the moment. java.lang.NullPointerException at org.apache.ahc.codec.HttpResponseDecoder.doDecode(HttpResponseDecoder.java:54) at org.apache.mina.filter.codec.CumulativeProtocolDecoder.decode(CumulativeProtocolDecoder.java:145) at org.apache.ahc.ChunkedTest.testChunking(ChunkedTest.java:65) at org.apache.ahc.ChunkedTest.testChunking(ChunkedTest.java:65) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:64) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:615) at junit.framework.TestCase.runTest(TestCase.java:154) at junit.framework.TestCase.runBare(TestCase.java:127) at junit.framework.TestResult$1.protect(TestResult.java:106) at junit.framework.TestResult.runProtected(TestResult.java:124) at junit.framework.TestResult.run(TestResult.java:109) at junit.framework.TestCase.run(TestCase.java:118) at junit.framework.TestSuite.runTest(TestSuite.java:208) at junit.framework.TestSuite.run(TestSuite.java:203) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:64) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:615) at org.apache.maven.surefire.junit.JUnitTestSet.execute(JUnitTestSet.java:213) at org.apache.maven.surefire.suite.AbstractDirectoryTestSuite.executeTestSet(AbstractDirectoryTestSuite.java:138) at org.apache.maven.surefire.suite.AbstractDirectoryTestSuite.execute(AbstractDirectoryTestSuite.java:163) at org.apache.maven.surefire.Surefire.run(Surefire.java:84) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:64) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:615) at org.apache.maven.surefire.booter.SurefireBooter.runSuitesInProcess(SurefireBooter.java:244) at org.apache.maven.surefire.booter.SurefireBooter.main(SurefireBooter.java:814) > cookies need to be validated and filtered > ----------------------------------------- > > Key: GERONIMO-3861 > URL: https://issues.apache.org/jira/browse/GERONIMO-3861 > Project: Geronimo > Issue Type: Bug > Security Level: public(Regular issues) > Components: AsyncHttpClient > Affects Versions: 1.x > Reporter: Sangjin Lee > Assignee: Rick McGuire > Priority: Minor > Attachments: GERONIMO-3861.patch > > > Today AHC simply accepts all cookies from the response and emit all cookies > in the request. However, the attributes need to be taken into consideration > when we set the cookies as well as when we send them. Two parts of the issue: > [1] When we emit the cookies in the request, we need to check > - if the domain matches > - if the path matches > - if the cookie has not expired > - and if the cookie is secure (if the request protocol is http) > before adding it to the Cookie header. > [2] When we accept the cookies in the response, we need to check for the > domain and the path. Note that we do not discard expired cookies, as that's > often a way to delete an existing cookie. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.