Quoted paths in Set-Cookie header

classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

Quoted paths in Set-Cookie header

Jim Crossley
I'm having a real dick of a time verifying that session replication
works in AS7.  I think my problems may stem from cookies not being
passed correctly, because the Set-Cookie header includes Path="/"
instead of Path=/.

I'm testing with curl.  I'm testing an app that works fine on AS6, which
returns a header like this:

  Set-Cookie: JSESSIONID=0669E4BF117ED01784254238ED00E492; Path=/

When I deploy the app on AS7, I get this:

  Set-Cookie: JSESSIONID=16S0e9hUZkQDpJCqxeBrBTLQ; Version=1; Path="/"

Which seems to prevent curl from passing the cookie back in subsequent
requests.

Interestingly, I can manually edit curl's cookie-store file to remove
the quotes, and subsequent requests work correctly.

Is this some sort of strict tomcat request handling behavior that I can
turn off?  Anyone else seen this?

Thanks,
Jim
_______________________________________________
jboss-as7-dev mailing list
[hidden email]
https://lists.jboss.org/mailman/listinfo/jboss-as7-dev
Reply | Threaded
Open this post in threaded view
|

Re: Quoted paths in Set-Cookie header

Jaikiran Pai
See http://community.jboss.org/message/612763#612763

-Jaikiran
On Thursday 14 July 2011 09:37 AM, Jim Crossley wrote:

> I'm having a real dick of a time verifying that session replication
> works in AS7.  I think my problems may stem from cookies not being
> passed correctly, because the Set-Cookie header includes Path="/"
> instead of Path=/.
>
> I'm testing with curl.  I'm testing an app that works fine on AS6, which
> returns a header like this:
>
>    Set-Cookie: JSESSIONID=0669E4BF117ED01784254238ED00E492; Path=/
>
> When I deploy the app on AS7, I get this:
>
>    Set-Cookie: JSESSIONID=16S0e9hUZkQDpJCqxeBrBTLQ; Version=1; Path="/"
>
> Which seems to prevent curl from passing the cookie back in subsequent
> requests.
>
> Interestingly, I can manually edit curl's cookie-store file to remove
> the quotes, and subsequent requests work correctly.
>
> Is this some sort of strict tomcat request handling behavior that I can
> turn off?  Anyone else seen this?
>
> Thanks,
> Jim
> _______________________________________________
> jboss-as7-dev mailing list
> [hidden email]
> https://lists.jboss.org/mailman/listinfo/jboss-as7-dev

_______________________________________________
jboss-as7-dev mailing list
[hidden email]
https://lists.jboss.org/mailman/listinfo/jboss-as7-dev
Reply | Threaded
Open this post in threaded view
|

Re: Quoted paths in Set-Cookie header

Jim Crossley
Jaikiran Pai <[hidden email]> writes:

> See http://community.jboss.org/message/612763#612763

Thanks, Jaikiran.  I'd say the default values for those properties
violate the principle of least surprise, though.  :)

Jim


> -Jaikiran
> On Thursday 14 July 2011 09:37 AM, Jim Crossley wrote:
>> I'm having a real dick of a time verifying that session replication
>> works in AS7.  I think my problems may stem from cookies not being
>> passed correctly, because the Set-Cookie header includes Path="/"
>> instead of Path=/.
>>
>> I'm testing with curl.  I'm testing an app that works fine on AS6, which
>> returns a header like this:
>>
>>    Set-Cookie: JSESSIONID=0669E4BF117ED01784254238ED00E492; Path=/
>>
>> When I deploy the app on AS7, I get this:
>>
>>    Set-Cookie: JSESSIONID=16S0e9hUZkQDpJCqxeBrBTLQ; Version=1; Path="/"
>>
>> Which seems to prevent curl from passing the cookie back in subsequent
>> requests.
>>
>> Interestingly, I can manually edit curl's cookie-store file to remove
>> the quotes, and subsequent requests work correctly.
>>
>> Is this some sort of strict tomcat request handling behavior that I can
>> turn off?  Anyone else seen this?
>>
>> Thanks,
>> Jim
>> _______________________________________________
>> jboss-as7-dev mailing list
>> [hidden email]
>> https://lists.jboss.org/mailman/listinfo/jboss-as7-dev
>
> _______________________________________________
> jboss-as7-dev mailing list
> [hidden email]
> https://lists.jboss.org/mailman/listinfo/jboss-as7-dev
_______________________________________________
jboss-as7-dev mailing list
[hidden email]
https://lists.jboss.org/mailman/listinfo/jboss-as7-dev
Reply | Threaded
Open this post in threaded view
|

Re: Quoted paths in Set-Cookie header

Benjamin Browning
I created https://issues.jboss.org/browse/AS7-1283 to track the issue.

On Jul 14, 2011, at 7:58 AM, Jim Crossley wrote:

> Jaikiran Pai <[hidden email]> writes:
>
>> See http://community.jboss.org/message/612763#612763
>
> Thanks, Jaikiran.  I'd say the default values for those properties
> violate the principle of least surprise, though.  :)
>
> Jim
>
>
>> -Jaikiran
>> On Thursday 14 July 2011 09:37 AM, Jim Crossley wrote:
>>> I'm having a real dick of a time verifying that session replication
>>> works in AS7.  I think my problems may stem from cookies not being
>>> passed correctly, because the Set-Cookie header includes Path="/"
>>> instead of Path=/.
>>>
>>> I'm testing with curl.  I'm testing an app that works fine on AS6, which
>>> returns a header like this:
>>>
>>>   Set-Cookie: JSESSIONID=0669E4BF117ED01784254238ED00E492; Path=/
>>>
>>> When I deploy the app on AS7, I get this:
>>>
>>>   Set-Cookie: JSESSIONID=16S0e9hUZkQDpJCqxeBrBTLQ; Version=1; Path="/"
>>>
>>> Which seems to prevent curl from passing the cookie back in subsequent
>>> requests.
>>>
>>> Interestingly, I can manually edit curl's cookie-store file to remove
>>> the quotes, and subsequent requests work correctly.
>>>
>>> Is this some sort of strict tomcat request handling behavior that I can
>>> turn off?  Anyone else seen this?
>>>
>>> Thanks,
>>> Jim
>>> _______________________________________________
>>> jboss-as7-dev mailing list
>>> [hidden email]
>>> https://lists.jboss.org/mailman/listinfo/jboss-as7-dev
>>
>> _______________________________________________
>> jboss-as7-dev mailing list
>> [hidden email]
>> https://lists.jboss.org/mailman/listinfo/jboss-as7-dev
> _______________________________________________
> jboss-as7-dev mailing list
> [hidden email]
> https://lists.jboss.org/mailman/listinfo/jboss-as7-dev

_______________________________________________
jboss-as7-dev mailing list
[hidden email]
https://lists.jboss.org/mailman/listinfo/jboss-as7-dev