Skip to main content

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [jetty-dev] About cookie version in the response

Looking at our issue tracking ...

These 2 issues might be related to your concern ...
https://bugs.eclipse.org/bugs/show_bug.cgi?id=414898 - Cookie encoding does not default to version 0
https://bugs.eclipse.org/bugs/show_bug.cgi?id=414101 - Escaped characters in cookies are uncorrectly unescaped

Give a read on the comments, it might make sense what is going on.

Both fixed in Jetty 9.0.5.v20130815
https://github.com/eclipse/jetty.project/blob/jetty-9.0.5.v20130815/VERSION.txt


--
Joakim Erdfelt <joakim@xxxxxxxxxxx>
Expert advice, services and support from from the Jetty & CometD experts

On Tue, Oct 14, 2014 at 10:43 AM, Xialin Zhu <xzhu@xxxxxxxxxxxx> wrote:
Hi,

I am an engineer from LinkedIn, and we are currently having different test result between Jetty 6 and Jetty 8, but I could not find any direct information from Internet:

In Jetty 8, we found that some of the cookies in the response are wrapped by double quotes which will fail the tests, and those cookies are all version 0 cookies though we use setVersion(1) when we create it on the server. By digging into the library we found this is because “Set-Cookie” field in the header lacks “version=1” part. We don’t have this issue in Jetty 6. It seems that you have such code in HttpFields that set the cookie version in Jetty 6:

if (version > 0)
{
  buf.append(";Version=");
  buf.append(version);
}

However this piece of code is gone in Jetty 8, and it makes us always getting version 0 cookies.

Is it a known issue of Jetty 8, or are we missing anything? Any help is appreciated!

Thanks,
Tony



_______________________________________________
jetty-dev mailing list
jetty-dev@xxxxxxxxxxx
To change your delivery options, retrieve your password, or unsubscribe from this list, visit
https://dev.eclipse.org/mailman/listinfo/jetty-dev


Back to the top