[seam-issues] [JBoss JIRA] Updated: (JBSEAM-4701) Cookie path being set to empty string via getRequestContextPath forming invalid cookies in IE
RH Bugzilla Integration (JIRA)
jira-events at lists.jboss.org
Thu Sep 1 19:47:26 EDT 2011
[ https://issues.jboss.org/browse/JBSEAM-4701?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
RH Bugzilla Integration updated JBSEAM-4701:
--------------------------------------------
Bugzilla References: https://bugzilla.redhat.com/show_bug.cgi?id=691963
Forum Reference: http://seamframework.org/Community/SeamTokenTagProblemCSRF (was: http://seamframework.org/Community/SeamTokenTagProblemCSRF)
> Cookie path being set to empty string via getRequestContextPath forming invalid cookies in IE
> ---------------------------------------------------------------------------------------------
>
> Key: JBSEAM-4701
> URL: https://issues.jboss.org/browse/JBSEAM-4701
> Project: Seam 2
> Issue Type: Bug
> Affects Versions: 2.1.2.GA
> Reporter: Brian Dill
> Attachments: ClientUidSelector.patch
>
>
> When using <s:token /> in JSF the javax.faces.ClientToken cookie that is created can potentially have an empty ("") path which will cause it to not be accepted in some versions of Internet Explorer. The following code in ClientUidSelector is the problem.
> setCookiePath(FacesContext.getCurrentInstance().getExternalContext().getRequestContextPath());
> This bug can be manifested as "viewId: /myPage.xhtml - No client identifier provided." I'll try to post a patch file here asap.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the seam-issues
mailing list