Menu

#1705 Unquoted cookie value is sent back quoted

Latest SVN
closed
RBRi
None
1
2015-07-31
2015-07-31
Joerg Werner
No

We ran into a small discrepancy between HtmlUnit and real browsers when it comes to handle version 1 cookies. In our example, the server set a session ID cookie as follows (note the equal sign at the end of the cookie value): 

Set-Cookie: SID=12345678=; Path=/; Version=1

When a real browser sends this cookie back to the server, the request header looks this way: 

Cookie: SID=12345678=

HtmlUnit quotes the cookie value:

Cookie: SID="12345678="

As a consequence, the server did not recognize this quoted session ID and created a new session ID cookie with every request.

Being a Version 1 cookie, the server itself should probably have quoted the cookie value because of the '='. But the browsers handle this situation somehow. Maybe HtmlUnit can do so as well. See the attached patch that adds a test case to CookieManagerTest. Thanks!

1 Attachments
CookieManagerTest.java.patch

Discussion

  • RBRi

    RBRi - 2015-07-31

    Hi Joerg,

    thanks for the patch. Hopefully we can fix that.

     

  • RBRi

    RBRi - 2015-07-31
    • assigned_to: RBRi
     

  • RBRi

    RBRi - 2015-07-31

    Fixed in SVN, new snapshot build is on the way to the server.

    Many thanks for the test case

     

  • RBRi

    RBRi - 2015-07-31
    • status: open --> closed
     

Log in to post a comment.

MongoDB Logo MongoDB