Underscore character in cookie spec
1,227 views
Skip to first unread message
Jorge Vicente
Jun 2, 2015, 2:05:27 AM6/2/15
to spray...@googlegroups.com
Hi everyone!
I have an issue with the character underscore (_) in a cookie name. I am implementing a Scala library to use my university SSO (uji.es). UJI SSO matches the cookie name with the server is trying to log in. However, URLs like app.dpt.uji.es get the following cookie name: app_dpt. When I am trying to initialize a cookie with this name in compile time, an IllegalArgumentException is thrown.
There is a spec that doesn't allow characters like _ to be used. However, all the browsers are using the old Netscape spec which indeed allows it (if not it's weird because the SSO works in all the browsers). More info about the cookie name problem in this StackOverflow thread.
So, the point is I don't know what to do. I am trying to solve this problem with my university by getting a single name hostname like app.uji.es, but it's not certain that I succeed. I would like to know your insights about my problem. I think Spray implements a newer specification. Would it be possible to change this?
Thanks in advance,
jvican
Johannes Rudolph
Jun 2, 2015, 2:16:18 AM6/2/15
to spray...@googlegroups.com
Hi Jorge,
if you need to support legacy headers you can and should fallback to
using a `RawHeader`. You need to build the header value yourself in
this case. That said, underscores are allowed in cookies AFAICS so it
would be helpful if you could post the some code and the full
exception (good idea for any report btw ;-) ) so we can see where
something went wrong.
Definition of cookie-name: http://tools.ietf.org/html/rfc6265#section-4.1.1
Definition of token: http://tools.ietf.org/html/rfc7230#section-3.2.6
Johannes
> --
> You received this message because you are subscribed to the Google Groups
> "spray.io User List" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to spray-user+...@googlegroups.com.
> Visit this group at http://groups.google.com/group/spray-user.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/spray-user/4198e9b8-2411-4818-9cd3-094a46064e73%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.
--
Johannes
-----------------------------------------------
Johannes Rudolph
http://virtual-void.net
if you need to support legacy headers you can and should fallback to
using a `RawHeader`. You need to build the header value yourself in
this case. That said, underscores are allowed in cookies AFAICS so it
would be helpful if you could post the some code and the full
exception (good idea for any report btw ;-) ) so we can see where
something went wrong.
Definition of cookie-name: http://tools.ietf.org/html/rfc6265#section-4.1.1
Definition of token: http://tools.ietf.org/html/rfc7230#section-3.2.6
Johannes
> You received this message because you are subscribed to the Google Groups
> "spray.io User List" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to spray-user+...@googlegroups.com.
> Visit this group at http://groups.google.com/group/spray-user.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/spray-user/4198e9b8-2411-4818-9cd3-094a46064e73%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.
--
Johannes
-----------------------------------------------
Johannes Rudolph
http://virtual-void.net
Jorge Vicente
Jun 11, 2015, 12:34:04 PM6/11/15
to spray...@googlegroups.com
Yes, Johannes, you are right! Somewhat I was confusing some variable
names and I was trying to set the identifier of my app (with
underscores) in the field of the host, which is indeed prohibited.
Thanks for clarifying.
Thanks for clarifying.
Reply all
Reply to author
Forward
0 new messages