On Wed, 17 Nov 2021 14:07:09 GMT, Daniel Fuchs <dfu...@openjdk.org> wrote:
>> Hi, >> >> Please find enclosed a patch that solves an unexpected interaction between >> server-set cookies and user-set cookies in the `java.net.HttpClient`. >> >> In JDK 12 we fixed >> [JDK-8213189](https://bugs.openjdk.java.net/browse/JDK-8213189) to allow >> user-supplied header to take precedence over (that is, replace) >> system-headers. >> At the time the fact that server cookies would be added to the >> system-supplied headers by the `CookieHandler` (if present), and that a >> user-supplied cookie would therefore replace them (instead of simply >> appending to them) was overlooked. >> >> This fix proposes to restore the behavior of JDK 11 WRT to cookies - and >> arrange for user-supplied cookies to be appended to server-supplied cookies. > > Daniel Fuchs has updated the pull request incrementally with one additional > commit since the last revision: > > More cleanup Changes requested by michaelm (Reviewer). src/java.net.http/share/classes/jdk/internal/net/http/Http1Request.java line 124: > 122: // to the target server. > 123: collectHeaders1(sb, uh, nocookies); > 124: I found this part of the change confusing, could I suggest that the comment below is changed to say: // Gather all 'Cookie:' headers from the unfiltered system headers, and the user headers // and concatenate their values in a single line ------------- PR: https://git.openjdk.java.net/jdk/pull/6408
