Re: Behavior with Set-Cookie for same name twice, one of which expires

[David]

Would you be able to share the site URL you are testing, if it's public? For reproducing issue.

In the meantime, as a workaround, could you not manually set the cookie via Selenium to continue testing? Not ideal, but it would at least allow you to proceed.

On Wednesday, May 22, 2013 12:39:37 PM UTC-7, Joe Shaw wrote:

Hi,

I just came across some behavior with cookies that seems to be inconsistent between WebDriver and the browser, and could use some guidance.

The server I am hitting is setting a cookie for the same name twice, first deleting/expiring it and then setting it again.  For example:

Set-Cookie:flash=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.example.com

Set-Cookie:flash=LoremIpsum; path=/; domain=.example.com

The browsers (both Chrome 27 and Firefox 21) send the "LoremIpsum" cookie on subsequent requests.  Neither the Chrome nor Firefox Selenium drivers do, and the site throws an error because it requires this cookie to work.

I'm not sure if setting the same cookie twice in the same request this way is kosher, but unfortunately the site I am hitting is not under my control.  (I am testing an OAuth login flow through a third-party site.)  I couldn't find any literature on whether the behavior of this is defined, but it seems like Selenium should behave as both Chrome and Firefox do.  Have others seen this?  Would folks consider this a bug?  Has a bug been filed?

Thanks,

Joe

[David]

Maybe you should file a Selenium issue/bug for the developers to look into, with the info you've provided thus far.

On Friday, May 24, 2013 6:50:28 AM UTC-7, Joe Shaw wrote:

Hi,

The site is Photobucket, and the URL is http://api.photobucket.com/apilogin/login but it's OAuth so there's the need to have a valid oauth_token in the request, which means you need to set up that whole flow.  However, I think it'd be pretty easy to set up a test server which emulates the problem.  It should be as simple as sending two Set-Cookie headers like in my original post.

Unfortunately I don't think setting the cookie manually will work.  This is a third-party site; I'm testing the OAuth login flow for my own app which consumes the Photobucket API.  The cookie value is fairly opaque and contains ephemeral data that I suspect is tied to time or some other context.  I will play around with it though.

I've also sent mail to Photobucket support with the hope of getting this fixed upstream.

Thanks,

Joe

[David]

By the way, have you had any issues with other browsers? Safari, IE, Opera, iOS Safari? It would be nice to know as a way to narrow down problems in Selenium as well.

If you didn't test with other browsers, might want to check to get more data points. Could be a general WebDriver problem or driver/browser specific issue.