[jbossseam-issues] [JBoss JIRA] Created: (JBSEAM-4161) Cookies stored incorrectly when web application is deployed with emty root path

Evgeny Denisov (JIRA) jira-events at lists.jboss.org
Mon May 4 08:17:46 EDT 2009

Cookies stored  incorrectly when web application is deployed with emty root path

                 Key: JBSEAM-4161
                 URL: https://jira.jboss.org/jira/browse/JBSEAM-4161
             Project: Seam
          Issue Type: Bug
          Components: Core, Security
    Affects Versions: 2.1.1.GA
         Environment: Firefox 3.0.x
            Reporter: Evgeny Denisov

There is a bug in that prevents RememberMe functionality to work properly. This occurs when web application is deployed with empty context root path and can be reproduced in Firefox 3.0.8.

There was similar bug reported earlier for Spring: http://jira.springframework.org/browse/SEC-364

The cause is empty cookie path that set to "" in org.jboss.seam.faces.Selector when context root of deployed web app is empty. An empty cookie path results in inconsistent behavior at least between ie and firefox: ie presumes "/" whereas firefox presumes the leading path for the current request. Chrome 1.0 also does not like empty cookie path.

The bug can be fixed if method 
public void setCookiePath(String cookiePath) 
of org.jboss.seam.faces.Selector 
will be modified in the same way:

public void setCookiePath(String cookiePath)
        /* firefox does not like empty cookie path */
        if (cookiePath == null || cookiePath.isEmpty()) {
            this.cookiePath = "/";
        } else {
                this.cookiePath = cookiePath;

This message is automatically generated by JIRA.
If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira


More information about the seam-issues mailing list