4 Replies Latest reply on Apr 2, 2014 2:10 PM by mikehoss42

    Cookie value is cut off

    mikehoss42
    mikehoss42 Apr 2, 2014 10:51 AM

      We are porting out app from Glassfish 3 to Wildfly 8.

       

      When you logon, a REST Request is Posted, and a cookie is set on the session which has a serialized object on the value. Then a GET REST request is sent, and we read the value of that cookie off the request.

       

      This works fine in Glassfish 3, but in Wildfly 8 the value of the cookie is truncated to only 22 characters. I can see in the browser debugger that the value of the cookie is received correctly from the POST and is sent correctly to the GET.

       

      Anyone seen this before? Is Undertow or RESTEasy limiting the length on GET requests?

        • 1. Re: Cookie value is cut off
          ctomc
          ctomc Apr 2, 2014 11:15 AM (in response to mikehoss42)

          There was an issue with some special charachters in cookies in undertow used in 8.0.0.

           

          It should be fixed in nightly builds, can you verify that? Grab it from WildFly nightly builds available

            • Actions
          • 2. Re: Cookie value is cut off
            mikehoss42
            mikehoss42 Apr 2, 2014 11:54 AM (in response to mikehoss42)

            Tried it and it didn't work.

             

            I don't know what "special characters" mean. The original value of the cookie is:

             

            k9zvKpz7eP4UKrrMA3t/Rw==NHMZ/5ZT4kpSyZpq5GXcpjFW9V4hgmY8oOLWQAOQHrPG/guZWcdTkBNDBL1SgScO7QafBujvdXn2dQHKgdqhO2ruEfeupv3CNnw119Shdv9C+mCufUm9tQVqz89vjNY50KeC6Ly7zt6WpBdQmhXt4lxAmupJ3WseTE7hLeFkCGEZJO/90wpZVU+Y+i0ve23YhXs97Kv1pGK9poBTXhgWOIZNI6Ir4aSXMMbIFZ50zM9IhotkVUSq+E65KWeJoez6qFRlpqEQkFIsGT3gxWBJTdSU90PJvWtQCNL7NVgjpD/lJDw4ZS/RTI5rPpbVKM9LSJNXcKsAPI2qPjOK85HDzp5MwDLk33s4J89/AdHMCUX+d7I1bQoB8qSciTnzeo1gxezHIFUKtA2uTqQ/LFXf27soMZIY3mgd0+fxQqpaNLwnk5gW8fgUqD0Fc43n7iF7qOW5PV6VXB5hqCtehXucWkC+L59/p7XRa5fm4kyCqa4B7rIFR282JqiOiI47N2z6EQG1P6BEN4oH72t7f935RQ==

            And the value that is sent back is:

             

            k9zvKpz7eP4UKrrMA3t/Rw

             

            Is the '==' where Undertow failed at before?

              • Actions
            • 3. Re: Cookie value is cut off
              ctomc
              ctomc Apr 2, 2014 12:11 PM (in response to mikehoss42)

              Mike Hostetler wrote:

               

              Is the '==' where Undertow failed at before?

              Yes, see [UNDERTOW-49] Add setting to allow unescaped equals character in cookie value - JBoss Issue Tracker for more details.

               

              you can use nightly build that has fix for that, you will need to modify http-listener (or whichever you use) configuration allow-equals-in-cookie-value=true

               

              something along the lines

              <http-listener name="default" socket-binding="http" allow-equals-in-cookie-value="true" />

              this will be part of upcoming 8.0.1 release.

               

              --

              tomaz

                • Actions
              • 4. Re: Cookie value is cut off
                mikehoss42
                mikehoss42 Apr 2, 2014 2:10 PM (in response to mikehoss42)

                Ok @Tomaz -- I made that configuration change and that worked. Thanks for letting me know.

                 

                Is there a date of when 8.0.1 will be released? Or is there an unresolved issue list for 8.0.1?

                 

                I'm getting another error after log in, but I'll fish around first before putting it up here.

                  • Actions