I think we found the problem to this. One of our developers decompiled
allaire's code and found the format string they use before they push the
cookie to the browser is incorrect. Take a look bellow for details. We
opened a ticket up with Allaire first thing this morning on this but haven't
heard anything from them. So much for our 4 hr. response time in the SLA.
Curious, anyone else having a similar problem? It seems it only causes
problem on certain browser versions (IE 5.0 for sure). Some browsers deal
with the 24. Has this been reported before? I'm surprised this isn't
causing problems for everyone. We only noticed it because our sessions
don't work between 2:40 and 3:40 PM when our cookie expiration time happens
to be at 24:00:00 GMT. Pretty much has been bringing all of our development
to a halt in the afternoon.
Unfortunately, we are only using a demo version to decompile the code so we
can't recompile a fixed version. If anyone is interested in fixing the code
and recompiling it, we'd definitely be interested in testing it out come
2:40 in the afternoon.
-Jeff
-----Original Message-----
From: Dave Mimno [mailto:[EMAIL PROTECTED]]
Sent: Friday, September 15, 2000 11:58 AM
To: Luke Hankins; Sean Hogarty; Jeff Stevens
Subject: Cookie problem in JRun
Out of curiosity, I decompiled a few JRun classes.
In the method addVers0() in allaire.jrun.servlet.JRunCookieUtil, there is
the following code:
SimpleDateFormat simpledateformat =
new SimpleDateFormat("EEE, dd-MMM-yyyy kk:mm:ss 'GMT'");
According to the Java 2 APIs, k represents hour in day (1~24). H
represents hour in day (0~23). According to RFC822, date strings should be
0~23.
> -----Original Message-----
> From: Jeff Stevens [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, September 14, 2000 9:19 PM
> To: [EMAIL PROTECTED]
> Subject: Invalid Cookie Expiration Time
>
>
> Ok, I give up here. Why is JRun handing out a cookie that expires at
> 24:38:33 !?!?! HTTP specs say cookie times should be in RFC 822 format:
> 0-23. Why is JRun handing out a 24:xx:xx cookie?!?
>
> The reason I ask is that our own cookie (SEID) seems to be using a 1-24
> format and I think this is causing us some problems.
>
> We are using javax.servlet.http.Cookie and setMaxAge(). Does
> JRun use this
> as well to set it's cookies? Does this point to some bug in the JRE?
>
> Mmm, what's up?
>
> HTTP/1.1 200 OK
> Server: Microsoft-IIS/5.0
> Date: Fri, 15 Sep 2000 00:38:33 GMT
> Set-Cookie: SEID=2031033;expires=Tue, 28-Aug-2001 05:58:33 GMT;path=/
> Set-Cookie: jsessionid=7121968978313336;expires=Wed, 15-Sep-1999 24:38:33
> GMT;path=/
> Expires: Thu, 01 Dec 1994 16:00:00 GMT
> Connection: Close
> Cache-Control: no-cache="set-cookie,set-cookie2"
> Content-Type: text/html; charset=ISO-8859-1
>
> ---
> Jeff Stevens
> System Engineer
> Tradeout
> (617) 283-3545
>
> ------------------------------------------------------------------
> ------------
> Archives: http://www.egroups.com/group/jrun-interest/
> Unsubscribe:
> http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/jrun_talk
> or send a message to [EMAIL PROTECTED] with
> 'unsubscribe' in the body.
------------------------------------------------------------------------------
Archives: http://www.egroups.com/group/jrun-interest/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/jrun_talk
or send a message to [EMAIL PROTECTED] with 'unsubscribe' in the
body.
