[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
[
List Home]
Re: [jetty-users] Session Cookie question
|
Wow, Jetty 7.0.1 (released November 2009, there have been 94 releases of Jetty since then)
Since you want reliable and consistent secure cookies, I'd recommend upgrading to Jetty 7.6.0 (or newer).
--
Developer advice, services and support
from the Jetty & CometD experts
On Wed, Mar 20, 2013 at 12:29 PM, Ike Ikonne
<iikonne@xxxxxxxxxx> wrote:
Hi all,
We use embedded Jetty within our application,
and we are trying to understand the conditions
under which Jetty returns the secure/httpOnly
cookie attributes back to the client. I have the following
flows captured using the Fiddler, first,
the Secure/HttpOnly attribute is not being returned all the time
with responses to the client. Also,
in the response to the GET request, the JSESSIONID=3zynssqhqzej
was not returned back to the client
instead path=/MPSDashboard/faces was returned. I would appreciate
it if someone could shade some light
as to what is going on.
Thanks,
Ike
HTTP/1.1 302 Found
X-Frame-Options: SAMEORIGIN
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: JSESSIONID=3zynssqhqzej;Path=/MPSDashboard;Secure;HttpOnly
Location: https://localhost:7777/MPSDashboard/faces/configuration.jsp
Content-Length: 0
Server: Jetty(7.0.1.v20091125)
GET https://localhost:7777/MPSPDashboard/faces/configuration.jsp
HTTP/1.1
Accept: application/x-ms-application,
image/jpeg, application/xaml+xml, image/gif, image/pjpeg, application/x-ms-xbap,
application/x-shockwave-flash, application/msword, application/vnd.ms-excel,
application/vnd.ms-powerpoint, */*
Referer: https://localhost:7777/MPsDashboard/faces/logon.jsp
Accept-Language: en-US
User-Agent: Mozilla/4.0 (compatible;
MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727;
.NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C;
InfoPath.2; .NET4.0E; BOIE9;ENUS)
Accept-Encoding: gzip, deflate
Host: localhost:7777
Connection: Keep-Alive
Cache-Control: no-cache
Cookie: form1:configTreeInner-expand=null;
form1:configTreeInner-hi=form1:configTreeInner:policies:NODE_0; JSESSIONID=3zynssqhqzej
HTTP/1.1 200 OK
X-Frame-Options: SAMEORIGIN
Content-Type: text/html;charset=UTF-8
Content-Language: en-US
Transfer-Encoding: chunked
Server: Jetty(7.0.1.v20091125)
Cookie: form1:configTreeInner-expand=null;
form1:configTreeInner-hi=form1:configTreeInner:policies:NODE_0; path=/MPSDashboard/faces
_______________________________________________
jetty-users mailing list
jetty-users@xxxxxxxxxxx
https://dev.eclipse.org/mailman/listinfo/jetty-users