Uploaded image for project: 'HttpComponents HttpClient'
  1. HttpComponents HttpClient
  2. HTTPCLIENT-1763

Invalid 'expires' attribute

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Invalid
    • Affects Version/s: 4.5.2
    • Fix Version/s: None
    • Component/s: None
    • Labels:
      None

      Description

      We updated HttpClient from 4.3.6 to 4.5.2 and suddenly these warnings started appearing:

      [org.apache.http.client.protocol.ResponseProcessCookies] Invalid cookie header: "Set-Cookie: PLAY_SESSION=; Max-Age=0; Expires=Tue, 23 Aug 2016 11:40:12 GMT; Path=/; Secure; HTTPOnly". Invalid 'expires' attribute: Tue, 23 Aug 2016 11:40:12 GMT

      Looks like this is actually a valid date according to several references:
      https://en.wikipedia.org/wiki/HTTP_cookie#Expires_and_Max-Age
      https://issues.apache.org/jira/browse/HTTPCLIENT-773
      https://issues.apache.org/jira/browse/HTTPCLIENT-1077
      https://issues.apache.org/jira/browse/HTTPCLIENT-923

      We are not using any specific sookie spec, so CookieSpecs.DEFAULT is being used.

      Looking at the source DefaultCookieSpec is being used which detects the netscape format by looking at "expires" in the "Set-Cookie" handler which leads to NetscapeDraftSpec feeding BasicExpiresHandler the NetscapeDraftSpec.EXPIRES_PATTERN which looks wrong to me.

        Attachments

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              Firewave Oliver Stöneberg
            • Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: