Hi, we're porting some old code to use httpclient, and I was having
trouble with the manual cookie stuff that we do.
We hit a 3rd party web-site (AOL) for some info, and it sets a cookie
that we want to grab.
I obfuscated the url's and data, but the gist of it is that we hit the
url:
2004/03/24 19:06:25:295 PST [DEBUG] wire - ->> "GET /a/b/c/aol
HTTP/1.1[\r][\n]"
We get back a Set-Cookie:
2004/03/24 19:06:25:535 PST [DEBUG] wire - -<< "Set-Cookie:
badsc=cookie-value;path=/X/b/c[\r][\n]
I then see this:
2004/03/24 19:06:25:944 PST [WARN] HttpMethodBase - -Cookie rejected:
"$Version=0
; badsc=cookie-value; $Path=/X/b/c". Illegal path attribute "/X/b/c".
Path of origin: "/a/b/c/aol"
and when I try to look for this cookie in HttpState it isn't there. The
above msg is due to this code in CookieSpecBase:
if (!path.startsWith(cookie.getPath())) {
throw new MalformedCookieException(
"Illegal path attribute \"" + cookie.getPath()
+ "\". Path of origin: \"" + path + "\"");
}
So the problem is that the path of the cookie starts with /X, when the
path of the request started with /a.
Our old code worked fine (using std java.net classes) and was able to
pull out this cookie. I assume this validity check is due to some RFC
requirement. I did try the different policies and got the same error
each time. But given that this is 3rd party behavior that we need to
support, what is the recommended way to deal with this situation (short
of commenting out the code above)??
Thanks.
