Mantis Bugtracker
  

Viewing Issue Simple Details Jump to Notes ] View Advanced ] Issue History ] Print ]
ID Category Severity Reproducibility Date Submitted Last Update
0005456 [Resin] minor always 06-13-13 13:03 07-23-13 11:36
Reporter cowan View Status public  
Assigned To ferg
Priority normal Resolution fixed  
Status closed   Product Version 4.0.36
Summary 0005456: Cookie Expires with negative value removed by Resin load-balancer
Description When using cookie.setMaxAge(0) to signal the browser to delete the cookie, the "Expires" portion of the cookie header is stripped out by the web-tier load-balancer. This does not occur when the connect is direct to the app-server.
Additional Information com.caucho.server.http.AbstractHttpResponse translates maxAge(0) to "expires=Thu, 01-Dec-1994 16:00:00 GMT". The load-balancer read this cookie value and a negative number, and sets the negative number instead of 0 on the cookie on the web-tier response. AbstractHttpResponse.fillCookie has no handling for negative number and does not recognize "Thu, 01-Dec-1994 16:00:00 GMT" as 0, as a result the expires value is lost.
Attached Files

- Relationships

- Notes
(0006277)
cowan
06-13-13 13:03

Rep by H. Cleland
 
(0006290)
ferg
07-23-13 11:36

server/265f
 

- Issue History
Date Modified Username Field Change
06-13-13 13:03 cowan New Issue
06-13-13 13:03 cowan Note Added: 0006277
06-13-13 16:54 oldlance Issue Monitored: oldlance
07-23-13 11:36 ferg Note Added: 0006290
07-23-13 11:36 ferg Assigned To  => ferg
07-23-13 11:36 ferg Status new => closed
07-23-13 11:36 ferg Resolution open => fixed
07-23-13 11:36 ferg Fixed in Version  => 4.0.37


Mantis 1.0.0rc3[^]
Copyright © 2000 - 2005 Mantis Group
33 total queries executed.
28 unique queries executed.
Powered by Mantis Bugtracker