Commons-httpclient cookie policy is not configured correctly

[GoogleCodeExporter]

This is a problem in trunk.  I'm going against
http://whirlycott.myopenid.com/ and I'm getting these errors in my consumer:

org.apache.commons.httpclient.HttpMethodBase.processCookieHeaders(HttpMethodBase
.java:1554)
>50> Cookie rejected: "$Version=0;
session_id=0db0f1484af97f41251f690e0b98cfd5081cf1e903b215c4a77deb2efbb1539c;
$Path=/; $Domain=myopenid.com". Domain attribute "myopenid.com" violates
RFC 2109: domain must start with a dot

org.apache.commons.httpclient.HttpMethodBase.processCookieHeaders(HttpMethodBase
.java:1554)
>50> Cookie rejected: "$Version=0;
session_id=768c4e7d1255c0c3e3d3cc517b1d245e14b793390b4395d3c36b26f7cf45f18c;
$Path=/; $Domain=myopenid.com". Domain attribute "myopenid.com" violates
RFC 2109: domain must start with a dot

My solution is to add this before the consumer does it's work:

CookiePolicy.registerCookieSpec(CookiePolicy.DEFAULT, CookieSpecBase.class);

This, however, seems to be a global change that affects all instances of
httpclient in the application.  This may not be acceptable for some
applications and warrants some further testing.

Original issue reported on code.google.com by pelja...@gmail.com on 5 Jan 2007 at 4:51

[GoogleCodeExporter]

Phil,

The consumer code should not need any cookies when talking to an OP, so 
will be disabling this functionality in httpclient.

I've also pinged the JanRain guys about the non-compliant cookie from 
myopenid.com.

Thanks,
Johnny

Original comment by Johnny.B...@gmail.com on 6 Feb 2007 at 6:49

• Changed state: Started

[GoogleCodeExporter]

Cookies are disabled as of rev 84.

Original comment by Johnny.B...@gmail.com on 7 Feb 2007 at 7:08

• Changed state: Fixed