[ https://issues.apache.org/jira/browse/KNOX-2015 ]
Chang Zhichao deleted comment on KNOX-2015:
-------------------------------------
was (Author: changzc_330):
Hi, [~smolnar] , in commit "KNOX-2015 - Allow end-users to exclude only certain
directives of the SET-COOKIE HTTP header (#154)", I notice that DefaultDispatch
replace cookie separator with "".
{quote}headerValuesToCheck = headerValuesToCheck.stream().map(h ->
h.replaceAll(separator.trim(), "")).collect(Collectors.toSet());{quote}
This change will change the SET-COOKIE HTTP header and made my login process
failed.
Why we need this change? Can we keep the SET-COOKIE HTTP header unchanged, just
as [RFC 6265|https://www.rfc-editor.org/rfc/rfc6265#section-4.2.1] defined?
> Need the ability to blacklist certain cookies with ConfigurableDispatch
> -----------------------------------------------------------------------
>
> Key: KNOX-2015
> URL: https://issues.apache.org/jira/browse/KNOX-2015
> Project: Apache Knox
> Issue Type: Bug
> Components: Server
> Reporter: Sandeep More
> Assignee: Sandor Molnar
> Priority: Major
> Fix For: 1.4.0
>
> Time Spent: 0.5h
> Remaining Estimate: 0h
>
> With ConfigurableDispatch we can prevent cookies from setting, currently it
> is all or none, we need to be able to specify what cookies to avoid getting
> set.
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
