[
https://issues.apache.org/jira/browse/HTTPCLIENT-1212?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Oleg Kalnichevski resolved HTTPCLIENT-1212.
-------------------------------------------
Resolution: Invalid
'Set-Cookie: testcookie=test; Expires=Wed, 03-Jul-2013 13:39:50 GMT; Path=/'
cookie is not a valid RFC 2109 cookie. The RFC 2109 is not supposed to handle
old Netscape style cookies. Use Best Match or Browser compatibility policy
instead.
Oleg
> SET-COOKIE header with RFC1036 Date cannot be parsed / is dropped
> -----------------------------------------------------------------
>
> Key: HTTPCLIENT-1212
> URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1212
> Project: HttpComponents HttpClient
> Issue Type: Bug
> Components: HttpClient
> Affects Versions: 4.2 Final
> Environment: Linux version 3.2.0-3-amd64 (Debian 3.2.21-3)
> ([email protected]) (gcc version 4.6.3 (Debian 4.6.3-8) )
> Reporter: Achim Westermann
>
> Problem: Server sends a cookie in RF-1036 date:
> DEBUG [org.apache.http.wire] << "HTTP/1.0 301 Moved Permanently[\r][\n]"
> DEBUG [org.apache.http.wire] << "Server: Apache-Coyote/1.1[\r][\n]"
> DEBUG [org.apache.http.wire] << "X-Powered-By: Servlet 2.5;
> JBoss-5.0/JBossWeb-2.1[\r][\n]"
> DEBUG [org.apache.http.wire] << "Set-Cookie: testcookie=test; Expires=Wed,
> 03-Jul-2013 13:39:50 GMT; Path=/[\r][\n]"
> DEBUG [org.apache.http.wire] << "P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD
> IVAi IVDi CONi HIS OUR IND CNT'[\r][\n]"
> DEBUG [org.apache.http.wire] << "Location:
> http://de.eso.tv/wahrsager-hellseher[\r][\n]";
> DEBUG [org.apache.http.wire] << "Content-Length: 0[\r][\n]"
> DEBUG [org.apache.http.wire] << "Date: Tue, 03 Jul 2012 13:39:50 GMT[\r][\n]"
> DEBUG [org.apache.http.wire] << "X-Varnish: 1697680967[\r][\n]"
> DEBUG [org.apache.http.wire] << "Age: 0[\r][\n]"
> DEBUG [org.apache.http.wire] << "Via: 1.1 varnish[\r][\n]"
> DEBUG [org.apache.http.wire] << "X-Cache: MISS from
> dslrouter02.qintern.de[\r][\n]"
> DEBUG [org.apache.http.wire] << "X-Cache-Lookup: MISS from
> dslrouter02.qintern.de:3128[\r][\n]"
> DEBUG [org.apache.http.wire] << "Proxy-Connection: keep-alive[\r][\n]"
> DEBUG [org.apache.http.wire] << "[\r][\n]"
> The RFC2109Spec.java uses the DateUtils.PATTERN_RFC1036 in the default set
> for cookie dates.
> Method RFC2109Spec.parse(Header, CookieOrigin), line 108 uses:
> header.getElements();
> This method sees the ',' as the delimiter between two header elements
> (BasicHeaderValueParser., line 162 (ELEM_DELIMITER).
> Given the header: "Set-Cookie: testcookie=test; Expires=Wed, 03-Jul-2013
> 14:22:28 GMT; Path=/"
> we end up with two HeaderElement instances:
> 1. testcookie=test; Expires=Wed
> 2. 03-Jul-2013 14:22:28 GMT; Path=/
> Now back from httpcore to httpclient:CookieSpecBase.parse(HeaderElement[],
> CookieOrigin), line 93:
> This leads to BasicExpiresHandler.parse(SetCookie, String) being called with
> a value "Wed" and to a MalformedCookieException.
> For the big picture: httpclient sessions that have to send cookies (e.g. for
> preventing redirect-loops) will not work with servers sending this date
> format.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
