[OpenSTA-devel] Re: Possible Issue with applications sending two cookies at once
Brought to you by:
dansut
Menu
▾
▴
[OpenSTA-devel] Re: Possible Issue with applications sending two cookies at once
|
From: Daniel S. <da...@Op...> - 2005-08-11 23:23:40
|
Olaf Kock wrote: > I can't say if this really qualifies as tomcat bug, the same may > occur from any web application and is probably difficult to track > down. I don't think it really matters whether it is a tomcat bug or not ... It is fairly easy to create a Web application that has multiple Set-Cookie: headers with the same name - job for tomorrow. Perhaps this makes a buggy Web application, but then again ... > Is it worth thinking about handling the situation of two cookies > of the same name in OpenSTA? It sounds like OpenSTAs SCL always selects the 1st header - I can believe this but need to check it - and that the browsers that the Princeton guys were using always selected the last header. If the defined behavior of a browser is that later HTTP headers override earlier ones - need to find RFC and check for this - then SCLs behavior is clearly wrong! If it is not a defined behavior but all (most) browsers exhibit the latter HTTP headers override behavior then OpenSTAs behavior is "not desirable". It probably wouldn't be too difficult to change the LOAD RESPONSE_INFO HEADER behavior, but ... possibilities of breaking peoples existing scripts. Reading the SCL Ref doc: http://opensta.org/docs/sclref/load-response_info-header.htm I think we have to consider the wildcard operation of this command and also the behavior of specifying "other" HTTP headers which may also be duplicated ... Looks to me like this command needs a better identifier syntax just like its LOAD RESPONSE_INFO BODY sibling. Thoughts, comments, suggestions? /dan -- Daniel Sutcliffe <Da...@Op...> OpenSTA part-time caretaker - http://OpenSTA.org/ |
