Greg Hulands created HTTPCLIENT-1646:
----------------------------------------
Summary: Cookie domain and host depth
Key: HTTPCLIENT-1646
URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1646
Project: HttpComponents HttpClient
Issue Type: Bug
Components: HttpCookie
Affects Versions: 4.4.1
Environment: JDK 1.8
Reporter: Greg Hulands
When connecting to a host with a domain name such as sub1.sub2.mydomain.com,
http client with log the following message and reject the cookie.
WARNING: Cookie rejected [sessionid="40720098-5f60-4440-96e4-9e5cafec2de8",
version:1, domain:.mydomain.com, path:/, expiry:null] Domain attribute
".mydomain.com" violates RFC 2109: host minus domain may not contain any dots
I was unable to find in the spec where this is actually specified for the
domain attribute.
This effectively limits cookies to be written only one subdomain higher than
the current host. This happens in both RFC2965DomainAttributeHandler and
RFC2109DomainAttributeHandler.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
