Stop duplicate cookies from overriding valid cookie #1
Comments
fluffy88
added a commit
that referenced
this issue
Jun 25, 2015
fluffy88
added a commit
that referenced
this issue
Jun 25, 2015
fluffy88
added a commit
that referenced
this issue
Jun 25, 2015
fluffy88
added a commit
that referenced
this issue
Jun 25, 2015
fluffy88
added a commit
that referenced
this issue
Jun 26, 2015
fluffy88
added a commit
that referenced
this issue
Jun 26, 2015
fluffy88
added a commit
that referenced
this issue
Jun 26, 2015
fluffy88
added a commit
that referenced
this issue
Jun 26, 2015
fluffy88
added a commit
that referenced
this issue
Jun 26, 2015
fluffy88
added a commit
that referenced
this issue
Jun 26, 2015
fluffy88
added a commit
that referenced
this issue
Jun 26, 2015
fluffy88
added a commit
that referenced
this issue
Jun 26, 2015
fluffy88
added a commit
that referenced
this issue
Jun 29, 2015
When expired cookies are received from a HTTP response, we should ignore them. When a future HTTP request is sent, we should send all cookies for the domain.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Some operators (I'm looking at you Meteor) send duplicate cookies, one valid cookie with data and a second cookie with the same name which has no data and is expired.
With the current implementations of the java.net.URLConnection it seems that it processes Set-Cookie header in such a manner that the expired cookies are overriding the valid cookies and therefore our session is getting destroyed.
The text was updated successfully, but these errors were encountered: