7:33 a.m.
Cookie-Based Sessions Broken
----------------------------
Key: AS7-1283
URL: https://issues.jboss.org/browse/AS7-1283
Project: Application Server 7
Issue Type: Bug
Affects Versions: 7.0.0.Final
Reporter: Benjamin Browning
Priority: Blocker
See http://community.jboss.org/message/612763 and
http://lists.jboss.org/pipermail/jboss-as7-dev/2011-July/003120.html.
Essentially cookie-based sessions are broken in major browsers and curl unless
-Dorg.apache.tomcat.util.http.ServerCookie.FWD_SLASH_IS_SEPARATOR=false is passed on boot.
It's likely a large percentage of the people that try AS7 Final will run into this
issue and have to spend time trying to figure out why sessions aren't working.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
8:39 a.m.
New subject: [JBoss JIRA] Assigned: (AS7-1283) Cookie-Based Sessions Broken
[
https://issues.jboss.org/browse/AS7-1283?page=com.atlassian.jira.plugin.s...
]
Jason Greene reassigned AS7-1283:
---------------------------------
Assignee: Remy Maucherat
Cookie-Based Sessions Broken
----------------------------
Key: AS7-1283
URL: https://issues.jboss.org/browse/AS7-1283
Project: Application Server 7
Issue Type: Bug
Affects Versions: 7.0.0.Final
Reporter: Benjamin Browning
Assignee: Remy Maucherat
Priority: Blocker
See http://community.jboss.org/message/612763 and
http://lists.jboss.org/pipermail/jboss-as7-dev/2011-July/003120.html.
Essentially cookie-based sessions are broken in major browsers and curl unless
-Dorg.apache.tomcat.util.http.ServerCookie.FWD_SLASH_IS_SEPARATOR=false is passed on boot.
It's likely a large percentage of the people that try AS7 Final will run into this
issue and have to spend time trying to figure out why sessions aren't working.
To summarize the above links, what's happening is the cookie's Path value is
being enclosed in quotes. Browsers don't expect this and thus when the browser
receives a cookie it doesn't send that cookie back on subsequent requests because the
browser doesn't think the cookie's Path value matches the user's path.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
8:39 a.m.
New subject: [JBoss JIRA] Updated: (AS7-1283) Cookie-Based Sessions Broken
[
https://issues.jboss.org/browse/AS7-1283?page=com.atlassian.jira.plugin.s...
]
Jason Greene updated AS7-1283:
------------------------------
Component/s: Web
Cookie-Based Sessions Broken
----------------------------
Key: AS7-1283
URL: https://issues.jboss.org/browse/AS7-1283
Project: Application Server 7
Issue Type: Bug
Components: Web
Affects Versions: 7.0.0.Final
Reporter: Benjamin Browning
Priority: Blocker
See http://community.jboss.org/message/612763 and
http://lists.jboss.org/pipermail/jboss-as7-dev/2011-July/003120.html.
Essentially cookie-based sessions are broken in major browsers and curl unless
-Dorg.apache.tomcat.util.http.ServerCookie.FWD_SLASH_IS_SEPARATOR=false is passed on boot.
It's likely a large percentage of the people that try AS7 Final will run into this
issue and have to spend time trying to figure out why sessions aren't working.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
8:39 a.m.
New subject: [JBoss JIRA] Updated: (AS7-1283) Cookie-Based Sessions Broken
[
https://issues.jboss.org/browse/AS7-1283?page=com.atlassian.jira.plugin.s...
]
Benjamin Browning updated AS7-1283:
-----------------------------------
Description:
See http://community.jboss.org/message/612763 and
http://lists.jboss.org/pipermail/jboss-as7-dev/2011-July/003120.html.
Essentially cookie-based sessions are broken in major browsers and curl unless
-Dorg.apache.tomcat.util.http.ServerCookie.FWD_SLASH_IS_SEPARATOR=false is passed on boot.
It's likely a large percentage of the people that try AS7 Final will run into this
issue and have to spend time trying to figure out why sessions aren't working.
To summarize the above links, what's happening is the cookie's Path value is being
enclosed in quotes. Browsers don't expect this and thus when the browser receives a
cookie it doesn't send that cookie back on subsequent requests because the browser
doesn't think the cookie's Path value matches the user's path.
was:
See http://community.jboss.org/message/612763 and
http://lists.jboss.org/pipermail/jboss-as7-dev/2011-July/003120.html.
Essentially cookie-based sessions are broken in major browsers and curl unless
-Dorg.apache.tomcat.util.http.ServerCookie.FWD_SLASH_IS_SEPARATOR=false is passed on boot.
It's likely a large percentage of the people that try AS7 Final will run into this
issue and have to spend time trying to figure out why sessions aren't working.
Component/s: (was: Web)
Cookie-Based Sessions Broken
----------------------------
Key: AS7-1283
URL: https://issues.jboss.org/browse/AS7-1283
Project: Application Server 7
Issue Type: Bug
Affects Versions: 7.0.0.Final
Reporter: Benjamin Browning
Priority: Blocker
See http://community.jboss.org/message/612763 and
http://lists.jboss.org/pipermail/jboss-as7-dev/2011-July/003120.html.
Essentially cookie-based sessions are broken in major browsers and curl unless
-Dorg.apache.tomcat.util.http.ServerCookie.FWD_SLASH_IS_SEPARATOR=false is passed on boot.
It's likely a large percentage of the people that try AS7 Final will run into this
issue and have to spend time trying to figure out why sessions aren't working.
To summarize the above links, what's happening is the cookie's Path value is
being enclosed in quotes. Browsers don't expect this and thus when the browser
receives a cookie it doesn't send that cookie back on subsequent requests because the
browser doesn't think the cookie's Path value matches the user's path.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
8:41 a.m.
New subject: [JBoss JIRA] Updated: (AS7-1283) Cookie-Based Sessions Broken
[
https://issues.jboss.org/browse/AS7-1283?page=com.atlassian.jira.plugin.s...
]
Jason Greene updated AS7-1283:
------------------------------
Fix Version/s: 7.0.1.Final
Cookie-Based Sessions Broken
----------------------------
Key: AS7-1283
URL: https://issues.jboss.org/browse/AS7-1283
Project: Application Server 7
Issue Type: Bug
Affects Versions: 7.0.0.Final
Reporter: Benjamin Browning
Assignee: Remy Maucherat
Priority: Blocker
Fix For: 7.0.1.Final
See http://community.jboss.org/message/612763 and
http://lists.jboss.org/pipermail/jboss-as7-dev/2011-July/003120.html.
Essentially cookie-based sessions are broken in major browsers and curl unless
-Dorg.apache.tomcat.util.http.ServerCookie.FWD_SLASH_IS_SEPARATOR=false is passed on boot.
It's likely a large percentage of the people that try AS7 Final will run into this
issue and have to spend time trying to figure out why sessions aren't working.
To summarize the above links, what's happening is the cookie's Path value is
being enclosed in quotes. Browsers don't expect this and thus when the browser
receives a cookie it doesn't send that cookie back on subsequent requests because the
browser doesn't think the cookie's Path value matches the user's path.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
2:11 a.m.
New subject: [JBoss JIRA] Updated: (AS7-1283) Cookie-Based Sessions Broken
[
https://issues.jboss.org/browse/AS7-1283?page=com.atlassian.jira.plugin.s...
]
SBS JIRA Integration updated AS7-1283:
--------------------------------------
Forum Reference: http://community.jboss.org/message/612640#612640
Cookie-Based Sessions Broken
----------------------------
Key: AS7-1283
URL: https://issues.jboss.org/browse/AS7-1283
Project: Application Server 7
Issue Type: Bug
Affects Versions: 7.0.0.Final
Reporter: Benjamin Browning
Assignee: Remy Maucherat
Priority: Blocker
Fix For: 7.0.1.Final
See http://community.jboss.org/message/612763 and
http://lists.jboss.org/pipermail/jboss-as7-dev/2011-July/003120.html.
Essentially cookie-based sessions are broken in major browsers and curl unless
-Dorg.apache.tomcat.util.http.ServerCookie.FWD_SLASH_IS_SEPARATOR=false is passed on boot.
It's likely a large percentage of the people that try AS7 Final will run into this
issue and have to spend time trying to figure out why sessions aren't working.
To summarize the above links, what's happening is the cookie's Path value is
being enclosed in quotes. Browsers don't expect this and thus when the browser
receives a cookie it doesn't send that cookie back on subsequent requests because the
browser doesn't think the cookie's Path value matches the user's path.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
2:11 a.m.
New subject: [JBoss JIRA] Updated: (AS7-1283) Cookie-Based Sessions Broken
[
https://issues.jboss.org/browse/AS7-1283?page=com.atlassian.jira.plugin.s...
]
SBS JIRA Integration updated AS7-1283:
--------------------------------------
Forum Reference: http://community.jboss.org/message/615870#615870,
http://community.jboss.org/message/612640#612640 (was:
http://community.jboss.org/message/612640#612640)
Cookie-Based Sessions Broken
----------------------------
Key: AS7-1283
URL: https://issues.jboss.org/browse/AS7-1283
Project: Application Server 7
Issue Type: Bug
Affects Versions: 7.0.0.Final
Reporter: Benjamin Browning
Assignee: Remy Maucherat
Priority: Blocker
Fix For: 7.0.1.Final
See http://community.jboss.org/message/612763 and
http://lists.jboss.org/pipermail/jboss-as7-dev/2011-July/003120.html.
Essentially cookie-based sessions are broken in major browsers and curl unless
-Dorg.apache.tomcat.util.http.ServerCookie.FWD_SLASH_IS_SEPARATOR=false is passed on boot.
It's likely a large percentage of the people that try AS7 Final will run into this
issue and have to spend time trying to figure out why sessions aren't working.
To summarize the above links, what's happening is the cookie's Path value is
being enclosed in quotes. Browsers don't expect this and thus when the browser
receives a cookie it doesn't send that cookie back on subsequent requests because the
browser doesn't think the cookie's Path value matches the user's path.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
8:21 a.m.
New subject: [JBoss JIRA] Updated: (AS7-1283) Cookie-Based Sessions Broken
[
https://issues.jboss.org/browse/AS7-1283?page=com.atlassian.jira.plugin.s...
]
SBS JIRA Integration updated AS7-1283:
--------------------------------------
Forum Reference: http://community.jboss.org/message/616393#616393,
http://community.jboss.org/message/612640#612640,
http://community.jboss.org/message/615870#615870 (was:
http://community.jboss.org/message/615870#615870,
http://community.jboss.org/message/612640#612640)
Cookie-Based Sessions Broken
----------------------------
Key: AS7-1283
URL: https://issues.jboss.org/browse/AS7-1283
Project: Application Server 7
Issue Type: Bug
Affects Versions: 7.0.0.Final
Reporter: Benjamin Browning
Assignee: Remy Maucherat
Priority: Blocker
Fix For: 7.0.1.Final
See http://community.jboss.org/message/612763 and
http://lists.jboss.org/pipermail/jboss-as7-dev/2011-July/003120.html.
Essentially cookie-based sessions are broken in major browsers and curl unless
-Dorg.apache.tomcat.util.http.ServerCookie.FWD_SLASH_IS_SEPARATOR=false is passed on boot.
It's likely a large percentage of the people that try AS7 Final will run into this
issue and have to spend time trying to figure out why sessions aren't working.
To summarize the above links, what's happening is the cookie's Path value is
being enclosed in quotes. Browsers don't expect this and thus when the browser
receives a cookie it doesn't send that cookie back on subsequent requests because the
browser doesn't think the cookie's Path value matches the user's path.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
7:45 a.m.
New subject: [JBoss JIRA] Resolved: (AS7-1283) Cookie-Based Sessions Broken
[
https://issues.jboss.org/browse/AS7-1283?page=com.atlassian.jira.plugin.s...
]
Remy Maucherat resolved AS7-1283.
---------------------------------
Resolution: Done
I separated the flag from the strict compliance flag.
Cookie-Based Sessions Broken
----------------------------
Key: AS7-1283
URL: https://issues.jboss.org/browse/AS7-1283
Project: Application Server 7
Issue Type: Bug
Affects Versions: 7.0.0.Final
Reporter: Benjamin Browning
Assignee: Remy Maucherat
Priority: Blocker
Fix For: 7.0.1.Final
See http://community.jboss.org/message/612763 and
http://lists.jboss.org/pipermail/jboss-as7-dev/2011-July/003120.html.
Essentially cookie-based sessions are broken in major browsers and curl unless
-Dorg.apache.tomcat.util.http.ServerCookie.FWD_SLASH_IS_SEPARATOR=false is passed on boot.
It's likely a large percentage of the people that try AS7 Final will run into this
issue and have to spend time trying to figure out why sessions aren't working.
To summarize the above links, what's happening is the cookie's Path value is
being enclosed in quotes. Browsers don't expect this and thus when the browser
receives a cookie it doesn't send that cookie back on subsequent requests because the
browser doesn't think the cookie's Path value matches the user's path.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
4921
days inactive
4928
days old
8 comments
4 participants
participants (4)
-
Benjamin Browning (JIRA) -
Jason Greene (JIRA)
-
Remy Maucherat (JIRA)
-
SBS JIRA Integration (JIRA)