Oleg, I did not get any response from the slide mailing list concerning plans to migrate httpclient in slide. I thinking to do the migration myself. Can you estimate how much effort is needed to do this? You suggested to lend a helping hand to port the code. How will you do this? Does there exist some documentation about the migration. What are the pitfalls?
Jan -----Original Message----- From: Oleg Kalnichevski [mailto:[EMAIL PROTECTED] Sent: maandag 20 februari 2006 18:57 To: HttpClient Project Subject: RE: cookie processing On Mon, 2006-02-20 at 17:32 +0100, Hoef, Jan wrote: > Hi Oleg, > > I had a wrong statement in my first mail, the value of the second cookie > was quoted. > cadata="1,kou8Vc9O9nrV4YRnTwVz6QMNbuiWuIg2NprLOkMT4NEcDtGkSTB2P9ORB2QUHs > uP+E2OfwYC4rWCMgGe". > > I tested it on httpclient 2 and 3. > Only the netscape draft spec of httpclient 3 parsed the sessionid cookie > into 1 cookie all the other made 2 cookies from it. > > Jan > Which is precisely the way it is meant to be. You have a few choices here (1) report the bug to the software manufacturer and get them fix it (2) inquire with the Slide folks if they have any plans to migrate off HttpClient 2.0 to HttpClient 3.0. If needed, I can lend them a helping help porting the code to the newest HttpClient release (3) fork HttpClient 2.0 Oleg > Testcase httpclient3: > > > package org.apache.commons.httpclient.cookie; > > import org.apache.commons.httpclient.Cookie; > import org.apache.commons.httpclient.cookie.CookieSpec; > > import junit.framework.TestCase; > > public class TestWrongCookie extends TestCase { > > public void testParseRFC2109() throws Exception { > > CookieSpec parser = new RFC2109Spec(); > String setCookie1 = > "sessionid=4241de88-1c21-4f39-b7b7-f50a87d6a828, 0x409; path=/"; > String setCookie2 = > "cadata=\"1,kou8Vc9O9nrV4YRnTwVz6QMNbuiWuIg2NprLOkMT4NEcDtGkSTB2P9ORB2QU > HsuP+E2OfwYC4rWCMgGe\"; HttpOnly; secure; path=/"; > Cookie[] parsed1 = > parser.parse("127.0.0.1",80,"/",true,setCookie1); > Cookie[] parsed2 = > parser.parse("127.0.0.1",80,"/",true,setCookie2); > assertEquals(2,parsed1.length); > assertEquals(1,parsed2.length); > } > > public void testParseNetscape() throws Exception { > > > CookieSpec parser = new NetscapeDraftSpec(); > String setCookie1 = > "sessionid=4241de88-1c21-4f39-b7b7-f50a87d6a828, 0x409; path=/"; > String setCookie2 = > "cadata=\"1,kou8Vc9O9nrV4YRnTwVz6QMNbuiWuIg2NprLOkMT4NEcDtGkSTB2P9ORB2QU > HsuP+E2OfwYC4rWCMgGe\"; HttpOnly; secure; path=/"; > Cookie[] parsed1 = > parser.parse("127.0.0.1",80,"/",true,setCookie1); > Cookie[] parsed2 = > parser.parse("127.0.0.1",80,"/",true,setCookie2); > assertEquals(1,parsed1.length); > assertEquals(1,parsed2.length); > } > } > > -----Original Message----- > From: Oleg Kalnichevski [mailto:[EMAIL PROTECTED] > Sent: maandag 20 februari 2006 15:54 > To: HttpClient Project > Subject: RE: cookie processing > > On Mon, 2006-02-20 at 15:46 +0100, Hoef, Jan wrote: > > Thanx for your explanation. I'll try out the Netscape cookie draft > spec. > > However the httpclient code generates only 3 cookies out of it, not 4. > > > > Jan > > > > Jan, > I have not touched the HttpClient 2.x code for almost 6 months now, so I > may well be wrong about it, but I do see that both cookies violate the > HTTP spec. Try hitting the site with HttpClient 3.0 and see if that > makes any difference > > Oleg > > > > -----Original Message----- > > From: Oleg Kalnichevski [mailto:[EMAIL PROTECTED] > > Sent: maandag 20 februari 2006 15:36 > > To: HttpClient Project > > Subject: Re: cookie processing > > > > On Mon, 2006-02-20 at 14:34 +0100, Hoef, Jan wrote: > > > Hi, > > > > > > I am working with the jakarta project slide that uses the > > > commons-httpclient-2.0.2. > > > I have written a client that sends requests via webdav to the > > microsoft > > > exchange server 2003. > > > In the exchange server form based authentication is active. > > > Wenn I enter my logon credentials in my post request, the server > > > responds containing 2 cookies that are needed in all next request. > > > These cookies are, e.g.: > > > - sessionid=4241de88-1c21-4f39-b7b7-f50a87d6a828, 0x409; path=/ > > > - > > > > > > cadata=1,kou8Vc9O9nrV4YRnTwVz6QMNbuiWuIg2NprLOkMT4NEcDtGkSTB2P9ORB2QUHsu > > > P+E2OfwYC4rWCMgGe; HttpOnly; secure; path=/ > > > > > > However at parsing the cookies, 3 cookies are recognized, i.e.: > > > - sessionid=4241de88-1c21-4f39-b7b7-f50a87d6a828 > > > - 0x409 > > > - > > > > > > cadata=1,kou8Vc9O9nrV4YRnTwVz6QMNbuiWuIg2NprLOkMT4NEcDtGkSTB2P9ORB2QUHsu > > > P+E2OfwYC4rWCMgGe > > > > > > The 0x409 part should not be a cookie but should be a part of the > > > sessionid cookie!!! > > > > > > > No, this is wrong. The cookie sessionid clearly violates the HTTP spec > > and the Cookie and Cookie2 specs. Please report this bug to the > software > > manufacturer. > > > > Actually you should be getting 4 cookies in total, as the cadata > cookie > > is invalid as well. > > > > HttpClient 3.0 provides the Netscape Draft cookie spec which may work > > with these cookies. Netscape Cookie Draft is the only spec that > permits > > the use of special separator characters, such as comma, in cookie > values > > that are not enclosed in quotes > > > > Hope this explains the situation > > > > Oleg > > > > > > > The ideal solution would be to correct this in the cookie parser. > > > Because I am no expert in cookies and httpclient, Ii changed the > > > httpstate class in such a way that I can manipulate the cookies. > See > > > path below. > > > > > > Jan > > > > > > > > > > > > [patch] > > > Index: > > > > > > D:/jakarta/httpclient/src/java/org/apache/commons/httpclient/HttpState.j > > > ava > > > =================================================================== > > > --- > > > > > > D:/jakarta/httpclient/src/java/org/apache/commons/httpclient/HttpState.j > > > ava (revision 379076) > > > +++ > > > > > > D:/jakarta/httpclient/src/java/org/apache/commons/httpclient/HttpState.j > > > ava (working copy) > > > @@ -1,7 +1,7 @@ > > > /* > > > * $Header: > > > > > > /home/jerenkrantz/tmp/commons/commons-convert/cvs/home/cvs/jakarta-commo > > > > ns//httpclient/src/java/org/apache/commons/httpclient/HttpState.java,v > > > 1.22.2.3 2003/10/29 03:08:49 mbecke Exp $ > > > * $Revision: 1.22.2.3 $ > > > - * $Date: 2003/10/29 03:08:49 $ > > > + * $Date$ > > > * > > > * > > ==================================================================== > > > * > > > @@ -96,7 +96,7 @@ > > > * @author <a href="mailto:[EMAIL PROTECTED]">Mike > > > Bowler</a> > > > * @author <a href="mailto:[EMAIL PROTECTED]">Adrian Sutton</a> > > > * > > > - * @version $Revision: 1.22.2.3 $ $Date: 2003/10/29 03:08:49 $ > > > + * @version $Revision: 1.22.2.3 $ $Date$ > > > * > > > */ > > > public class HttpState { > > > @@ -199,6 +199,7 @@ > > > public synchronized void addCookie(Cookie cookie) { > > > LOG.trace("enter HttpState.addCookie(Cookie)"); > > > > > > + int i = 0; > > > if (cookie != null) { > > > // first remove any old cookie that is equivalent > > > for (Iterator it = cookies.iterator(); it.hasNext();) { > > > @@ -207,13 +208,37 @@ > > > it.remove(); > > > break; > > > } > > > + i++; > > > } > > > if (!cookie.isExpired()) { > > > - cookies.add(cookie); > > > + if (i==0) > > > + cookies.add(cookie); > > > + else > > > + cookies.add(i,cookie); > > > } > > > } > > > } > > > + /** > > > + * Remove an [EMAIL PROTECTED] Cookie HTTP cookie}, any existing > equivalent > > > cookies. > > > + * > > > + * @param cookie the [EMAIL PROTECTED] Cookie cookie} to be removed > > > + * > > > + */ > > > + public synchronized void removeCookie(Cookie cookie) { > > > + LOG.trace("enter HttpState.removeCookie(Cookie)"); > > > > > > + if (cookie != null) { > > > + // first remove any old cookie that is equivalent > > > + for (Iterator it = cookies.iterator(); it.hasNext();) { > > > + Cookie tmp = (Cookie) it.next(); > > > + if (cookie.equals(tmp)) { > > > + it.remove(); > > > + break; > > > + } > > > + } > > > + } > > > + } > > > + > > > /** > > > * Adds an array of [EMAIL PROTECTED] Cookie HTTP cookies}. Cookies > > > are > > added > > > individually and > > > * in the given array order. If any of the given cookies has > > > already expired it will > > > > > > > --------------------------------------------------------------------- > > > To unsubscribe, e-mail: > [EMAIL PROTECTED] > > > For additional commands, e-mail: > > [EMAIL PROTECTED] > > > > > > > > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: > [EMAIL PROTECTED] > > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: > [EMAIL PROTECTED] > > > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
