Apache HttpClient Header Problem on Response
I have used Apache HttpClient together with java.sun.net.httpserver as Server. The Server handles Http-Get Requests. Att the beginning, the server sets a session cookie using set-cookie header, wich is accepted by the apache httpclient (according to log), but the problem is that the cookie is never stored nor sent back to the server by the client. I have tested the server app with some web browsers and that all worked ok. So the problem seems to be on the client side, especially taking into account the fact, that all the cookies are accepted accoarding to log with log4j.
DEBUG [org.apache.http.impl.conn.SingleClientConnManager] Get connection for route HttpRoute[{}->http://localhost]
DEBUG [org.apache.http.impl.conn.DefaultClientConnectionOperator] C开发者_开发问答onnecting to localhost/127.0.0.1:80
DEBUG [org.apache.http.client.protocol.RequestAddCookies] CookieSpec selected: best-match
DEBUG [org.apache.http.client.protocol.RequestAuthCache] Auth cache not set in the context
DEBUG [org.apache.http.impl.client.DefaultHttpClient] Attempt 1 to execute request
DEBUG [org.apache.http.impl.conn.DefaultClientConnection] Sending request: GET /login?pass=2Gi/Kzj9 HTTP/1.1
DEBUG [org.apache.http.headers] >> GET /login?pass=2Gi/Kzj9 HTTP/1.1
DEBUG [org.apache.http.headers] >> Host: localhost
DEBUG [org.apache.http.headers] >> Connection: Keep-Alive
DEBUG [org.apache.http.headers] >> User-Agent: Apache-HttpClient/4.1.1 (java 1.5)
DEBUG [org.apache.http.impl.conn.DefaultClientConnection] Receiving response: HTTP/1.1 200 OK
DEBUG [org.apache.http.headers] << HTTP/1.1 200 OK
DEBUG [org.apache.http.headers] << Transfer-encoding: chunked
DEBUG [org.apache.http.headers] << Content-type: text/html
DEBUG [org.apache.http.headers] << Set-cookie: SESSID=0.6092204529970631; expires=Tue, 19-4-11 18:28:43 GMT; Max-Age=3600; Path=/; Version="1"
DEBUG [org.apache.http.client.protocol.ResponseProcessCookies] Cookie accepted: "[version: 0][name: SESSID][value: 0.6092204529970631][domain: localhost][path: /][expiry: Sun Apr 19 19:28:43 CET 11]".
DEBUG [org.apache.http.impl.client.DefaultHttpClient] Connection can be kept alive indefinitely
DEBUG [org.apache.http.impl.conn.SingleClientConnManager] Releasing connection org.apache.http.impl.conn.SingleClientConnManager$ConnAdapter@1bd0dd4
DEBUG [org.apache.http.impl.conn.SingleClientConnManager] Get connection for route HttpRoute[{}->http://localhost]
DEBUG [org.apache.http.impl.client.DefaultHttpClient] Stale connection check
DEBUG [org.apache.http.client.protocol.RequestAddCookies] CookieSpec selected: best-match
DEBUG [org.apache.http.client.protocol.RequestAuthCache] Auth cache not set in the context
DEBUG [org.apache.http.impl.client.DefaultHttpClient] Attempt 1 to execute request
DEBUG [org.apache.http.impl.conn.DefaultClientConnection] Sending request: GET /newnode?node=/tp HTTP/1.1
DEBUG [org.apache.http.headers] >> GET /newnode?node=/tp HTTP/1.1
DEBUG [org.apache.http.headers] >> Host: localhost
DEBUG [org.apache.http.headers] >> Connection: Keep-Alive
DEBUG [org.apache.http.headers] >> User-Agent: Apache-HttpClient/4.1.1 (java 1.5)
DEBUG [org.apache.http.impl.conn.DefaultClientConnection] Receiving response: HTTP/1.1 200 OK
DEBUG [org.apache.http.headers] << HTTP/1.1 200 OK
DEBUG [org.apache.http.headers] << Transfer-encoding: chunked
DEBUG [org.apache.http.headers] << Content-type: text/html
DEBUG [org.apache.http.headers] << Set-cookie: SESSID=0.9499481656989606; expires=Tue, 19-4-11 18:28:43 GMT; Max-Age=3600; Path=/; Version="1"
DEBUG [org.apache.http.client.protocol.ResponseProcessCookies] Cookie accepted: "[version: 0][name: SESSID][value: 0.9499481656989606][domain: localhost][path: /][expiry: Sun Apr 19 19:28:43 CET 11]".
DEBUG [org.apache.http.impl.client.DefaultHttpClient] Connection can be kept alive indefinitely
DEBUG [org.apache.http.impl.conn.SingleClientConnManager] Releasing connection org.apache.http.impl.conn.SingleClientConnManager$ConnAdapter@b5f53a
Set-cookie: SESSID=0.9499481656989606; expires=Tue, 19-4-11 18:28:43 GMT; Max-Age=3600; Path=/; Version="1"
The cookie value has multiple issues:
(1) It violates RFC 2109 and RFC 2965 specifications by using an attribute value with a comma without enclosing it with quote marks.
(2) The expiry attribute looks fishy. I suspect the expiry date is set incorrectly and the cookie simply expires the very same moment it has been accepted. Besides, version 1 cookies (RFC 2109 / RFC 2965 compliant) should not even be using it in the first place.
The cookie also has Max-Age
attribute newer cookies are supposed to use, but because the cookie is malformed, HttpClient treats the cookie as old Netscape style one and the Expiry
attribute takes precedence over Max-Age
精彩评论