Alexander Bernstein created HTTPCLIENT-1685:
-----------------------------------------------
Summary: PublicSuffixDomainFilter.match() returns true for any
simple host name.
Key: HTTPCLIENT-1685
URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1685
Project: HttpComponents HttpClient
Issue Type: Bug
Components: HttpClient
Affects Versions: 4.5
Reporter: Alexander Bernstein
HttpClient built by HttpClientBuilder ends up with publicSuffixMatcher created
by PublicSuffixMatcherLoader.getDefault(). Later on, this object gets passed to
CookieSpecRegistries.createDefault(publicSuffixMatcherCopy), if the
cookieSpecRegistry is not set explicitly.
With this scenario, using simple host names (i.e. a name without a dot
character, such as "server1" ) fails.
The reason seems to be the
org.apache.http.impl.cookie.PublicSuffixDomainFilter.match(Cookie,
CookieOrigin). This method returns a boolean indicating whether the domain is
in the blacklist.
For any host name that is not a "localhost", the PublicSuffixMatcher.matches()
is called, on line 76. This method returns true for any hostname that does not
contain a dot charcter. Which causes the return false, on line 77.
Is this a correct behavior? If my server is called "server1", why should its
name "match" a public suffix? And how do I make this code to recognize simple
host names like this? If this is an expected behavior, is there a documented
way to prevent it?
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
