Minor Description
Hi. I'm using RFC6265LaxSpec and would like to report two issues.
1. LaxExpiresHandler throws NullPointerException when a value is null.
This line line is causing NPE.
You can easily reproduce this, with the following Set-Cookie string.
Set-Cookie: gtinfo=info; Expires; domain=.webmd.com; path=/
I think We need to check whether value is blank just like how LaxMaxAgeHandler is doing.
https://github.com/apache/httpcomponents-client/blob/master/httpclient5/src/main/java/org/apache/hc/client5/http/impl/cookie/LaxMaxAgeHandler.java#L60
2. We need to 'ignore' invalid attributes only.
LaxExpiresHandler throws MalformedCookieException when attribute is not valid, so the cookie with invalid Expires attributes is ignored entirely. But RFC 6265 says, 'If the attribute-value failed to parse as a cookie date, ignore the cookie-av.'
I think we should not throw MalformedCookieException but just ignore invalid attributes only. LaxMaxAgeHandler is also already doing this.
https://github.com/apache/httpcomponents-client/blob/master/httpclient5/src/main/java/org/apache/hc/client5/http/impl/cookie/LaxMaxAgeHandler.java#L69
https://github.com/apache/httpcomponents-client/blob/master/httpclient5/src/main/java/org/apache/hc/client5/http/impl/cookie/LaxMaxAgeHandler.java#L61
Followings are the classes needs to be considered.
- BasicExpiresHandler
- BasicMaxAgeHandler
- LaxExpiresHandler
Thanks.
Attachments
Attachments
Issue Links
- links to
