search

djangid / rest-assured

Automatically exported from code.google.com/p/rest-assured
0 stars 0 forks source link

rest-assured fails with session handling when server sends multiple Set-Cookie: PHPSESSID ... #257

Closed GoogleCodeExporter closed 8 years ago

GoogleCodeExporter commented 8 years ago 
What steps will reproduce the problem?
1. Make a request to a server that creates multiple sessions at one request.
2. Receive multiple Set-Cookie headers containing different PHPSESSID (or other 
session cookies)
3. Extract the cookie and use it in the next request.

What is the expected output? What do you see instead?
According to the HTTP specification a server is allowed to send multiple 
cookies with the same name in one HTTP response. The client has to store only 
the last cookie found (e.g. here the sequential last PHPSESSID cookie header). 

rest-assured will only return the FIRST received PHPSESSID thus not complying 
with the HTTP specification and not allowing session handling in some 
circumstances (our server sadly generates two PHPSESSIDs with one session 
initiation).

Please provide any additional information below.
There should be the possibility to receive all Set-Cookie: PHPSESSID headers 
(not only the first received one) - or rest-assured should stick to the HTTP 
specification and dismiss an header if it is overwritten by a following one.

Original issue reported on code.google.com by da...@blockhausmedien.at on 24 Sep 2013 at 8:08

GoogleCodeExporter commented 8 years ago 
Thanks for the report, I was not aware of the fact that the client ought to 
return the last one. 

How ever it's possible to get all cookies if you like, just do e.g. "Cookies 
cookies = get("/resource").detailedCookies();". From this "cookies" object you 
should be able to get all cookies.

Original comment by johan.ha...@gmail.com on 25 Sep 2013 at 5:18

GoogleCodeExporter commented 8 years ago 
This has now been fixed in master, please verify it if you like by depending on 
version 1.8.2-SNAPSHOT after having added the following repo:

<repositories>
        <repository>
            <id>sonatype</id>
            <url>https://oss.sonatype.org/content/repositories/snapshots/</url>
            <snapshots />
        </repository>
</repositories>

Original comment by johan.ha...@gmail.com on 2 Oct 2013 at 6:05