[jira] [Created] (HTTPCLIENT-1212) SET-COOKIE header with RFC1036 Date cannot be parsed / is dropped

Tue, 03 Jul 2012 07:40:54 -0700 

Achim Westermann created HTTPCLIENT-1212:
--------------------------------------------

             Summary: SET-COOKIE header with RFC1036 Date cannot be parsed / is 
dropped
                 Key: HTTPCLIENT-1212
                 URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1212
             Project: HttpComponents HttpClient
          Issue Type: Bug
          Components: HttpClient
    Affects Versions: 4.2 Final
         Environment: Linux version 3.2.0-3-amd64 (Debian 3.2.21-3) 
([email protected]) (gcc version 4.6.3 (Debian 4.6.3-8) )
            Reporter: Achim Westermann


Problem: Server sends a cookie in RF-1036 date: 

DEBUG [org.apache.http.wire] << "HTTP/1.0 301 Moved Permanently[\r][\n]"
DEBUG [org.apache.http.wire] << "Server: Apache-Coyote/1.1[\r][\n]"
DEBUG [org.apache.http.wire] << "X-Powered-By: Servlet 2.5; 
JBoss-5.0/JBossWeb-2.1[\r][\n]"
DEBUG [org.apache.http.wire] << "Set-Cookie: testcookie=test; Expires=Wed, 
03-Jul-2013 13:39:50 GMT; Path=/[\r][\n]"
DEBUG [org.apache.http.wire] << "P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD 
IVAi IVDi CONi HIS OUR IND CNT'[\r][\n]"
DEBUG [org.apache.http.wire] << "Location: 
http://de.eso.tv/wahrsager-hellseher[\r][\n]";
DEBUG [org.apache.http.wire] << "Content-Length: 0[\r][\n]"
DEBUG [org.apache.http.wire] << "Date: Tue, 03 Jul 2012 13:39:50 GMT[\r][\n]"
DEBUG [org.apache.http.wire] << "X-Varnish: 1697680967[\r][\n]"
DEBUG [org.apache.http.wire] << "Age: 0[\r][\n]"
DEBUG [org.apache.http.wire] << "Via: 1.1 varnish[\r][\n]"
DEBUG [org.apache.http.wire] << "X-Cache: MISS from 
dslrouter02.qintern.de[\r][\n]"
DEBUG [org.apache.http.wire] << "X-Cache-Lookup: MISS from 
dslrouter02.qintern.de:3128[\r][\n]"
DEBUG [org.apache.http.wire] << "Proxy-Connection: keep-alive[\r][\n]"
DEBUG [org.apache.http.wire] << "[\r][\n]"

The RFC2109Spec.java uses the DateUtils.PATTERN_RFC1036 in the default set for 
cookie dates. 

Method RFC2109Spec.parse(Header, CookieOrigin), line 108 uses: 
header.getElements();
This method sees the ',' as the delimiter between two header elements 
(BasicHeaderValueParser., line 162 (ELEM_DELIMITER). 

Given the header: "Set-Cookie: testcookie=test; Expires=Wed, 03-Jul-2013 
14:22:28 GMT; Path=/" 

we end up with two HeaderElement instances: 
1. testcookie=test; Expires=Wed
2. 03-Jul-2013 14:22:28 GMT; Path=/ 

Now back from httpcore to httpclient:CookieSpecBase.parse(HeaderElement[], 
CookieOrigin), line 93: 
This leads to BasicExpiresHandler.parse(SetCookie, String) being called with a 
value "Wed" and to a MalformedCookieException. 

For the big picture: httpclient sessions that have to send cookies (e.g. for 
preventing redirect-loops) will not work with servers sending this date format. 



--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: 
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to