TCK: CookieTests setPartitionedTest doesn't account for possible implementation differences

[brideck]

Challenged Tests: servlet.tck.api.jakarta_servlet_http.cookie.CookieTests#setPartitionedTest

TCK Version: Servlet TCK 6.1.0

Tested Implementation: Open Liberty

Description: setPartitionedTest is attempting to check the syntax of the implementation's response header to ensure that it includes partitioned, instead of partitioned= or partitioned=<some-value>, but the scenario being tested is a little too simple for Open Liberty's implementation. In keeping with the PrivacyCG's CHIPS design principles, OL currently ignores Partitioned being set on a cookie unless SameSite=None is also set. Since the test currently doesn't do anything with the SameSite attribute, OL's response doesn't contain the partitioned attribute. I have verified that updating the test to set SameSite=None on the cookie for this method works for OL, and that OL's subsequent response header syntax passes the test.

Alternatively, if this is just a test to make sure that setting an arbitrary attribute to an empty string doesn't result in <attribute-name>= as part of the response, then the test could be updated to use a not-special attribute so it doesn't run afoul of any specific handling that an implementation might be doing for that attribute.

[pnicolucci]

@markt-asf @stuartwdouglas it seems the test intended to test that some random cookie attribute wouldn't be added to the Set-Cookie header with an = if there was no value to behave the same way as HttpOnly or Secure for instance.

What are your thoughts on accepting this challenge?

[markt-asf]

Seems reasonable to me. I'd lean towards setting some a random cookie attribute for this test.

[pnicolucci]

@markt-asf since we made changes to the 6.1.x TCK for this issue we should tag it with TCK:accepted any objection?