[
https://issues.apache.org/jira/browse/HTTPCLIENT-969?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Oleg Kalnichevski updated HTTPCLIENT-969:
-----------------------------------------
Fix Version/s: 4.0.2
4.1 Alpha3
> BasicCookieStore.getCookies() returns non-threadsafe collection
> ---------------------------------------------------------------
>
> Key: HTTPCLIENT-969
> URL: https://issues.apache.org/jira/browse/HTTPCLIENT-969
> Project: HttpComponents HttpClient
> Issue Type: Bug
> Components: HttpClient
> Reporter: David Smiley
> Priority: Minor
> Fix For: 4.0.2, 4.1 Alpha3
>
>
> BasicCookieStore.getCookies() is a simple method. It's synchronized, and it
> returns an unmodifiable wrapper around the underlying cookie list. If the
> caller were to then iterate over it as another thread were to manipulate the
> cookie list via BasicCookieStore, this would create a thread un-safe
> situation because both threads aren't doing their reading/writing with the
> same lock (the reader doesn't even have a lock).
> I suggest fixing this by using CopyOnWriteArrayList, or by making a defensive
> copy in getCookies()
> This issue might apply to some of the other basic implementations of some of
> the interfaces but I haven't checked.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
