[jira] [Resolved] (HTTPCLIENT-1720) secure cookies are not being sent to host:443 requests!

Oleg Kalnichevski (JIRA) Tue, 16 Feb 2016 01:00:45 -0800

     [ 
https://issues.apache.org/jira/browse/HTTPCLIENT-1720?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Oleg Kalnichevski resolved HTTPCLIENT-1720.
-------------------------------------------
    Resolution: Cannot Reproduce

> secure cookies are not being sent to host:443 requests!
> -------------------------------------------------------
>
>                 Key: HTTPCLIENT-1720
>                 URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1720
>             Project: HttpComponents HttpClient
>          Issue Type: Bug
>          Components: HttpClient
>    Affects Versions: 4.5.1
>            Reporter: praveen
>
> Hello,
> I observed the server is setting secure=true flag on 2 cookies, and they are 
> not being sent with any further requests in HC 4.5.1 (i tried with earlier 
> version, upto 4.3 as well), even when the request is being sent to https url, 
> thus the session with server is broken.
> wire logs snippets:
> ......
> 05 Feb 2016 22:51:31,936 [DEBUG] 
> [org.apache.http.client.protocol.RequestAddCookies.process() ] CookieSpec 
> selected: standard
> 05 Feb 2016 22:51:31,936 [DEBUG] 
> [org.apache.http.client.protocol.RequestAddCookies.process() ] Cookie 
> [version: 0][name: a-ogbcbff][value: 1][domain: amazon.com][path: /][expiry: 
> Fri Feb 05 23:04:30 IST 2016] match [www.amazon.com:443/gp/....]
> 05 Feb 2016 22:51:31,937 [DEBUG] 
> [org.apache.http.client.protocol.RequestAddCookies.process() ] Cookie 
> [version: 0][name: session-id][value: 187-0...118442][domain: 
> amazon.com][path: /][expiry: Tue Jan 01 13:30:01 IST 2036] match 
> [www.amazon.com:443/gp/....]
> 05 Feb 2016 22:51:31,937 [DEBUG] 
> [org.apache.http.client.protocol.RequestAddCookies.process() ] Cookie 
> [version: 0][name: session-id-time][value: 2082787201l][domain: 
> amazon.com][path: /][expiry: Tue Jan 01 13:30:01 IST 2036] match 
> [www.amazon.com:443/gp/....]
> 05 Feb 2016 22:51:31,937 [DEBUG] 
> [org.apache.http.client.protocol.RequestAddCookies.process() ] Cookie 
> [version: 0][name: session-token][value: bL7a..2OAg==][domain: 
> amazon.com][path: /][expiry: Thu Jan 31 22:50:38 IST 2036] match 
> [www.amazon.com:443/gp/....]
> 05 Feb 2016 22:51:31,937 [DEBUG] 
> [org.apache.http.client.protocol.RequestAddCookies.process() ] Cookie 
> [version: 0][name: skin][value: noskin][domain: amazon.com][path: /][expiry: 
> null] match [www.amazon.com:443/gp/....]
> 05 Feb 2016 22:51:31,937 [DEBUG] 
> [org.apache.http.client.protocol.RequestAddCookies.process() ] Cookie 
> [version: 0][name: ubid-main][value: 185-8870350-8865056][domain: 
> amazon.com][path: /][expiry: Tue Jan 01 13:30:01 IST 2036] match 
> [www.amazon.com:443/gp/....]
> 05 Feb 2016 22:51:31,938 [DEBUG] 
> [org.apache.http.client.protocol.RequestAddCookies.process() ] Cookie 
> [version: 0][name: x-main][value: 0A8G..QeW][domain: amazon.com][path: 
> /][expiry: Thu Jan 31 22:50:38 IST 2036] match [www.amazon.com:443/gp/....]
> 05 Feb 2016 22:51:31,938 [DEBUG] 
> [org.apache.http.client.protocol.RequestAddCookies.process() ] Cookie 
> [version: 0][name: x-wl-uid][value: 16a..28=][domain: amazon.com][path: 
> /][expiry: Tue Jan 01 13:30:01 IST 2036] match [www.amazon.com:443/gp/....]
> 05 Feb 2016 22:51:31,938 [DEBUG] 
> [org.apache.http.client.protocol.RequestAuthCache.process() ] Auth cache not 
> set in the context
> ..........
> whereas the cookie store at this request time held these cookies:
> [
>   { "name": "a-ogbcbff", "value": "1", "creationDate": 1454692838839, "path": 
> "/", "comment": null, "version": 0, "domain": "amazon.com", "secure": false, 
> "expiryDate": 1454693670000, "commentURL": null, "persistent": true, "ports": 
> null
>   },
>   { "name": "at-main", "value": "5|X5..fS50", "creationDate": 1454692838841, 
> "path": "/", "comment": null, "version": 0, "domain": "amazon.com", "secure": 
> true, "expiryDate": 2085412830000, "commentURL": null, "persistent": true, 
> "ports": null
>   },
>   { "name": "sess-at-main", "value": "qEy..Sc=", "creationDate": 
> 1454692838841, "path": "/", "comment": null, "version": 0, "domain": 
> "amazon.com", "secure": true, "expiryDate": null, "commentURL": null, 
> "persistent": false, "ports": null
>   },
>   { "name": "session-id", "value": "187-0721455-2118442", "creationDate": 
> 1454692892527, "path": "/", "comment": null, "version": 0, "domain": 
> "amazon.com", "secure": false, "expiryDate": 2082787201000, "commentURL": 
> null, "persistent": true, "ports": null
>   },
>   { "name": "session-id-time", "value": "2082787201l", "creationDate": 
> 1454692892527, "path": "/", "comment": null, "version": 0, "domain": 
> "amazon.com", "secure": false, "expiryDate": 2082787201000, "commentURL": 
> null, "persistent": true, "ports": null
>   },
>   { "name": "session-token", "value": "bL7a..Ag==", "creationDate": 
> 1454692838840, "path": "/", "comment": null, "version": 0, "domain": 
> "amazon.com", "secure": false, "expiryDate": 2085412838840, "commentURL": 
> null, "persistent": true, "ports": null
>   },
>   { "name": "skin", "value": "noskin", "creationDate": 1454692839279, "path": 
> "/", "comment": null, "version": 0, "domain": "amazon.com", "secure": false, 
> "expiryDate": null, "commentURL": null, "persistent": false, "ports": null
>   },
>   { "name": "ubid-main", "value": "185-8870350-8865056", "creationDate": 
> 1454692892527, "path": "/", "comment": null, "version": 0, "domain": 
> "amazon.com", "secure": false, "expiryDate": 2082787201000, "commentURL": 
> null, "persistent": true, "ports": null
>   },
>   { "name": "x-main", "value": "0A8G...h9QeW", "creationDate": 1454692838841, 
> "path": "/", "comment": null, "version": 0, "domain": "amazon.com", "secure": 
> false, "expiryDate": 2085412838841, "commentURL": null, "persistent": true, 
> "ports": null
>   },
>   { "name": "x-wl-uid", "value": "16aq..0C28=", "creationDate": 
> 1454692839280, "path": "/", "comment": null, "version": 0, "domain": 
> "amazon.com", "secure": false, "expiryDate": 2082787201000, "commentURL": 
> null, "persistent": true, "ports": null
>   }
> ]
> Interestingly, if i reset the secure flag to false of each cookie in the 
> cookieStore after the request was made, then everything goes fine and session 
> is maintained. 
> Didn't capture that logs.. Will do and post again.
> I used below code to create the client:
> RequestConfig globalRequestConfig = RequestConfig.custom()
> .setCookieSpec(CookieSpecs.STANDARD)
> ......
> CloseableHttpClient httpClient = HttpClientBuilder.create()
> .setDefaultRequestConfig(globalRequestConfig)
> .setDefaultCookieStore(cookieStore)
> ..............
> Am i doing anything wrong, or is something missed, or is it a bug?
> Thanks



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

[jira] [Resolved] (HTTPCLIENT-1720) secure cookies are not being sent to host:443 requests!

Reply via email to