I have been experimenting with Rest Assured today, and one of the issues I came
across is that by default it uses response cookies in subsequent requests
(where permissible, i.e. within same domain etc.).
I believe this to be a bad idea for a testing framework. When making subsequent
calls, surely it is ideal for response cookies to not be propagated unless the
user requests it explicitly?
For a simple example, I was testing our authentication system, with two invalid
sets of credentials followed by valid credentials. I would not want cookies
from the first or second request to be propagated to the third, however this
default behaviour meant that when I was seeing errors because cookies weren't
being sent on the successful authentication because they had been set already
on the client in the previous requests.
In order to stop this behaviour, I made a few simple modifications to the 1.5
release. They are:
remove httpcore-4.0.1.jar and httpclient-4.0.3.jar from the dependencies
Add in httpcore-4.1.2.jar and httpclient-4.1.2.jar from http://hc.apache.org/downloads.cgi
Note this is because we want to set a cookie policy of IGNORE_COOKIES. Up until version 4.1 of httpclient, IGNORE_COOKIES was not a field on CookiePolicy, hence the required upgrade. The replacement of httpcore was for compatibility reasons with httpclient-4.1.2
Use the following line of code before you make any calls to RestAssured:
RestAssured.config = config().httpClient( new HttpClientConfig().setParam("http.protocol.cookie-policy", CookiePolicy.IGNORE_COOKIES));
You'll need the following imports:
import com.jayway.restassured.RestAssured;
import static com.jayway.restassured.config.RestAssuredConfig.config;
import org.apache.http.client.params.CookiePolicy;
Original issue reported on code.google.com by johan.ha...@gmail.com on 16 Jan 2012 at 7:35
Original issue reported on code.google.com by
johan.ha...@gmail.com
on 16 Jan 2012 at 7:35