[jira] [Work logged] (KNOX-2946) Cookie Path Scoping doesn't work when using default topology URL

[ASF GitHub Bot (Jira)]

     [ 
https://issues.apache.org/jira/browse/KNOX-2946?focusedWorklogId=879413&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-879413
 ]

ASF GitHub Bot logged work on KNOX-2946:
----------------------------------------

                Author: ASF GitHub Bot
            Created on: 31/Aug/23 15:05
            Start Date: 31/Aug/23 15:05
    Worklog Time Spent: 10m 
      Work Description: pzampino commented on code in PR #786:
URL: https://github.com/apache/knox/pull/786#discussion_r1311770180


##########
gateway-provider-rewrite/src/main/java/org/apache/knox/gateway/filter/rewrite/api/CookieScopeServletFilter.java:
##########
@@ -43,7 +45,12 @@ public void init( FilterConfig filterConfig ) throws 
ServletException {
   @Override
   protected void doFilter( HttpServletRequest request, HttpServletResponse 
response, FilterChain chain )
       throws IOException, ServletException {
-    chain.doFilter(request, new CookieScopeResponseWrapper(response, 
gatewayPath, topologyName));
+    if 
("true".equals(request.getAttribute(DEFAULT_TOPOLOGY_FORWARD_ATTRIBUTE_NAME))) {

Review Comment:
   Would 
Boolean.parseBoolean(request.getAttribute(DEFAULT_TOPOLOGY_FORWARD_ATTRIBUTE_NAME))
 be better here?



##########
gateway-provider-rewrite/src/main/java/org/apache/knox/gateway/filter/rewrite/impl/CookieScopeResponseWrapper.java:
##########
@@ -46,8 +46,8 @@ public CookieScopeResponseWrapper(HttpServletResponse 
response, String gatewayPa
     public void addHeader(String name, String value) {
         if (SET_COOKIE.equals(name)) {
             String updatedCookie;
-            if (value.contains(COOKIE_PATH)) {
-                updatedCookie = value.replace(COOKIE_PATH, scopePath);
+            if (hasCookiePathAttribute(value)) {
+                updatedCookie = value.replaceAll("(?i)" + COOKIE_PATH, 
scopePath);

Review Comment:
   What is being done here?





Issue Time Tracking
-------------------

    Worklog Id:     (was: 879413)
    Time Spent: 20m  (was: 10m)

> Cookie Path Scoping doesn't work when using default topology URL
> ----------------------------------------------------------------
>
>                 Key: KNOX-2946
>                 URL: https://issues.apache.org/jira/browse/KNOX-2946
>             Project: Apache Knox
>          Issue Type: Bug
>            Reporter: Attila Magyar
>            Assignee: Attila Magyar
>            Priority: Major
>          Time Spent: 20m
>  Remaining Estimate: 0h
>
> When gateway.scope.cookies.feature.enabled is turned on, knox will update the 
> Path attribute of the Set-Cookie header to /ctxpath/topology_name/, e.g.: 
> Original:
> Set-Cookie: xxx Path = /
> Updated:
> Set-Cookie: xxx Path = /gateway/cdp-proxy
> However, when the gateway.default.app.topology.name is set to cdp-proxy, and 
> we access a service via the default topology (there is no cdp-proxy in the 
> URL) then the cookie will be blocked by the browser.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)