From: SourceForge.net <no...@so...> - 2005-08-29 21:47:14
|
Bugs item #1276101, was opened at 2005-08-29 16:47 Message generated for change (Tracker Item Submitted) made by Item Submitter You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=107322&aid=1276101&group_id=7322 Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: HTTP protocol Group: None Status: Open Resolution: None Priority: 5 Submitted By: Jerry Dobner (jdobner) Assigned to: Nobody/Anonymous (nobody) Summary: RFC 2109 violation? Initial Comment: RFC 2109 states that "User agents should send Cookie request headers, subject to other rules detailed below, with every request." However HttpRequest is created only once for HttpConnection, and then read multiple times (readRequest()). If only the first request on this connection comes with a cookie, the _request instance field of the connection will keep its _cookies field while the connection lasts if further requests do not bring any cookies at all. While hardly a serious cause for security concerns, this leads to some confusing results at development time. ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=107322&aid=1276101&group_id=7322 |