[KNOX-2538] JSESSIONID cookie missing when Zeppelin UI proxied via Knox - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 1.6.0
Component/s: Server
Labels:
None

Description

Sometimes Knox gateway sends back Set-Cookie header in not proper formatted way, mix attribute order

properly formatted SET-COOKIE response (start with JSESSIONID)
GET /zeppelin/api/security/ticket
Set-Cookie: JSESSIONID=ba760126-414f-406d-baa1-99e14eb47656; SameSite=none; Secure; Path=/; HttpOnly

not properly formatted SET-COOKIE response
GET /zeppelin/api/security/ticket
Set-Cookie: SameSite=none; Secure; Path=/; JSESSIONID=b2934cd3-820a-47da-a9b8-4b3af3284502; HttpOnly

_Informally, the Set-Cookie response header contains the header name "Set-Cookie" followed by a ":" and a cookie. Each cookie begins with a name-value-pair, followed by zero or more attribute-value pairs. _

Set-Cookie specification

Not properly formatted SET-COOKIE issue is not always present, sometimes it is working, sometimes is not. Please try a couple of times to reproduce this issue, If the JSESSIONID cookie presents, remove it manually and refresh the page to simulate session timeout case.

Attachments

Issue Links

links to

GitHub Pull Request #403

Activity

People

Assignee:: Sandeep More

Reporter:: Zoltan Holoda

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 25/Feb/21 16:09

Updated:: 25/Feb/21 22:45

Resolved:: 25/Feb/21 22:45

Time Tracking

Estimated:

Not Specified

Remaining:

Logged:

20m