[
https://issues.apache.org/jira/browse/KNOX-2015?focusedWorklogId=317273&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-317273
]
ASF GitHub Bot logged work on KNOX-2015:
----------------------------------------
Author: ASF GitHub Bot
Created on: 24/Sep/19 08:46
Start Date: 24/Sep/19 08:46
Worklog Time Spent: 10m
Work Description: smolnar82 commented on pull request #154: KNOX-2015 -
Allow end-users to exclude only certain directives of the SET-COOKIE HTTP header
URL: https://github.com/apache/knox/pull/154
## What changes were proposed in this pull request?
As of now, end-users can either exclude the SET-COOKIE header entirely (as
well as any other request/response header) or include it in the outbound
response by invoking `ConfigurableDispatch.setResponseExcludeHeaders` with the
appropriate `Set`. What this change brought to the table is that certain
SET-COOKIE headers are excluded but some of them are not.
For instance:
- let say the following header is set in the inbound response: `Set-Cookie:
Domain=<domain-value>; Secure; HttpOnly`
- as of now, one can configure Knox to exclude all of these (in fact the
default setting is to exclude the SET-COOKIE header)
- however, one may want to configure Knox to exclude only the
`Domain=<domain-value>` name/value pair going forward -> the outbound response
header will still contain `Set-Cookie: Secure; HttpOnly`
## How was this patch tested?
Added JUnit tests and executed them (running integration tests too where
some of the test cases - e.g.
`org.apache.knox.gateway.GatewayBasicFuncTest.testXForwardHeadersPopulate()` -
check response headers too)
```
[INFO]
------------------------------------------------------------------------
[INFO] BUILD SUCCESS
[INFO]
------------------------------------------------------------------------
[INFO] Total time: 17:46 min (Wall Clock)
[INFO] Finished at: 2019-09-23T22:32:34+02:00
[INFO] Final Memory: 383M/2024M
[INFO]
------------------------------------------------------------------------
```
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
Issue Time Tracking
-------------------
Worklog Id: (was: 317273)
Remaining Estimate: 0h
Time Spent: 10m
> Need the ability to blacklist certain cookies with ConfigurableDispatch
> -----------------------------------------------------------------------
>
> Key: KNOX-2015
> URL: https://issues.apache.org/jira/browse/KNOX-2015
> Project: Apache Knox
> Issue Type: Bug
> Components: Server
> Reporter: Sandeep More
> Assignee: Sandor Molnar
> Priority: Major
> Fix For: 1.4.0
>
> Time Spent: 10m
> Remaining Estimate: 0h
>
> With ConfigurableDispatch we can prevent cookies from setting, currently it
> is all or none, we need to be able to specify what cookies to avoid getting
> set.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
