[
https://issues.apache.org/jira/browse/KNOX-2538?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Sandeep More updated KNOX-2538:
-------------------------------
Reporter: Zoltan Holoda (was: Sandeep More)
> JSESSIONID cookie missing when Zeppelin UI proxied via Knox
> -----------------------------------------------------------
>
> Key: KNOX-2538
> URL: https://issues.apache.org/jira/browse/KNOX-2538
> Project: Apache Knox
> Issue Type: Bug
> Components: Server
> Reporter: Zoltan Holoda
> Assignee: Sandeep More
> Priority: Major
> Fix For: 1.6.0
>
>
> Sometimes Knox gateway sends back Set-Cookie header in not proper formatted
> way, mix attribute order
> {code}
> properly formatted SET-COOKIE response (start with JSESSIONID)
> GET /zeppelin/api/security/ticket
> Set-Cookie: JSESSIONID=ba760126-414f-406d-baa1-99e14eb47656; SameSite=none;
> Secure; Path=/; HttpOnly
> {code}
> {code}
> not properly formatted SET-COOKIE response
> GET /zeppelin/api/security/ticket
> Set-Cookie: SameSite=none; Secure; Path=/;
> JSESSIONID=b2934cd3-820a-47da-a9b8-4b3af3284502; HttpOnly
> {code}
> _Informally, the Set-Cookie response header contains the header name
> "Set-Cookie" followed by a ":" and a cookie. Each cookie begins with a
> name-value-pair, followed by zero or more attribute-value pairs. _
> - [Set-Cookie specification|https://tools.ietf.org/html/rfc6265#section-4.1.1]
> Not properly formatted SET-COOKIE issue is not always present, sometimes it
> is working, sometimes is not. Please try a couple of times to reproduce this
> issue, If the JSESSIONID cookie presents, remove it manually and refresh the
> page to simulate session timeout case.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
