Gregory Chanan created HTTPCLIENT-1546:
------------------------------------------
Summary: Cookie values can end up being double quoted
Key: HTTPCLIENT-1546
URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1546
Project: HttpComponents HttpClient
Issue Type: Bug
Components: HttpCookie
Reporter: Gregory Chanan
I mentioned this issue on the mailing list and Oleg asked me to file a JIRA.
I have a cookie like this:
hadoop.auth="someValue"; Version=1; Expires=Fri, 01 Aug 2014 09:03:40 GMT;
HttpOnly
Because it has an "Expires" attribute, httpclient treats it as a netscape
cookie. But, when it is sent back to the server, it's sent double-quoted:
hadoop.auth=""someValue""; Version=1; Expires=Fri, 01 Aug 2014 09:03:40 GMT;
HttpOnly
which causes the server to see the hadoop.auth value as "".
So, it seems like httpclient is being inconsistent in how it treats the
version; it first assumes version 0, but then treats it as version 1 and
assumes it can add quotes. Even though the cookie is not a valid Version=1
Cookie, ideally httpclient would not double quote the response.
NOTE: I tested this on httpclient 4.2.5, but that's not a choice for "Affects
Version"
--
This message was sent by Atlassian JIRA
(v6.2#6252)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
