]
Brian Stansberry reassigned WFLY-13559:
---------------------------------------
Fix Version/s: 21.0.0.Beta1
Assignee: Emmanuel Hugonnet (was: Bartosz Baranowski)
Resolution: Done
Header response has changed and missing fields
----------------------------------------------
Key: WFLY-13559
URL:
https://issues.redhat.com/browse/WFLY-13559
Project: WildFly
Issue Type: Bug
Components: MP OpenTracing
Affects Versions: 19.0.0.Final, 19.1.0.Final, 20.0.0.Final
Reporter: Alexandru Ciouca
Assignee: Emmanuel Hugonnet
Priority: Major
Fix For: 21.0.0.Beta1
Attachments: standalone_18.0.0.final.xml, standalone_19.1.0.final.xml,
test-endpoint-BEANS-XML.war, test-endpoint-CONTEXT.war, test-endpoint-WORKING.war
I have an application running in WildFly with some open endpoints to call and I tried an
upgrade to WildFly 19.1.0.final from 18.0.0.final, but I noticed that something changed
when calling the endpoints. In the Response Header I see that some of the fields are
changed or are missing. Is this supposed to happen or do I need to add some extra
configuration with WildFly 19?
Response WildFly 18.0.0.final:
{code}
HTTP/2 500
cache-control: no-store, no-cache, must-revalidate
set-cookie:
JSESSIONID=pLpPEvZZVekh0Bkqq06muz_cJ4_fmwxsqrt0HUdP.myservices-container-6f5b87f79d-ngzhf;
path=/myservices
access-control-allow-headers: origin, content-type, accept, X-XSRF-TOKEN
content-type: application/json
content-length: 182
link: <
http://test.com/afs/rest>; rel="profile"
date: Thu, 04 Jun 2020 07:34:10 GMT
set-cookie: 7951a12696148c7a83e36db56eeb5f91=5ede0885e2c831c4946125e91d3facba; path=/;
HttpOnly; Secure
strict-transport-security: max-age=31536000; includeSubdomains
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
{code}
Response WildFly 19.1.0.final:
{code}
HTTP/2 200
set-cookie:
JSESSIONID=9siDVU14OoFXojIIVxlMWbxNg1gcuSmLokwamY29.myservices-container-7c8dbf55f5-ctcks;
path=/myservices
content-type: application/json
content-length: 182
date: Thu, 04 Jun 2020 07:27:57 GMT
set-cookie: 7951a12696148c7a83e36db56eeb5f91=3edfc7a7549d107b41669532f6cb594a; path=/;
HttpOnly; Secure
cache-control: private
strict-transport-security: max-age=31536000; includeSubdomains
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
{code}
As you can see the first thing that changed is the response code, even though the code is
the same for both versions. The cache-control is also different and
access-control-allow-headers and link fields are missing.
I am attaching also the standalone.xml for both versions.