Details
-
Bug
-
Status: Closed
-
Major
-
Resolution: Fixed
-
4.4.1
-
None
Description
Url to reproduce (need to follow redirects)
Logs:
2015:04:15 00:47:10,467 [WARN ] org.apache.http.client.protocol.ResponseProcessCookies - Invalid cookie header: "Set-Cookie: sr=true; path=/; expires=Tue, 14 Apr 2015 21:36:16 GMT; max-age=30;". Invalid 'expires' attribute: 30
RFC6265CookieSpecBase tries to parse max-age value with LaxExpiresHandler that expects value to be in a cookie-date format, as far I understand. Meanwhile RFC6265 states:
"... Append an attribute to the cookie-attribute-list with an attribute-name of Max-Age and an attribute-value of expiry-time..."
It seems it should just ignore invalid expires value anyway:
"...If the attribute-value failed to parse as a cookie date, ignore the
cookie-av..."