Uploaded image for project: 'Apache Knox'
  1. Apache Knox
  2. KNOX-2479

set-cookie headers broken when spaces between attributes are missing

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 1.6.0
    • Component/s: Server
    • Labels:
      None

      Description

      The assumption here is that SET-COOKIE header returned to Knox will always have spaces between the fields 

      e.g.

      SESSION=e69d3d08-7452-45cb-90bb-9cdde3fa1342; Path=/; HttpOnly

      Which is not the case when CM returns the SET-COOKIE header

      SESSION=e69d3d08-7452-45cb-90bb-9cdde3fa1342;Path=/;HttpOnly
      

      Which breaks the Knox logic. 

      Examples in RFC https://tools.ietf.org/html/rfc6265#section-2.2 have whitespace but they do not specify format. Since CM uses it and it was working up until now Knox should be fixed to support it.  

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                smore Sandeep More
                Reporter:
                smore Sandeep More
              • Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:

                  Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - 0h
                  0h
                  Logged:
                  Time Spent - 1h
                  1h