Closed jecuendet closed 5 years ago
After merge, please backport to 2.6.x branch and release a version against spring-boot 1.5.x
I not sure if this should be the default behaviour.
If you'd like to customize the http client you can do it on your own by extending HttpClientProvider
Srping bean.
In Spring Cloud, it's disabled by default See: RibbonLoadBalancingHttpClient HttpClientFeignLoadBalancedConfiguration DefaultApacheHttpClientFactory
Look for disableCookieManagement
IMO, this is a better default to disable it...
Hi, the new version of Charon will expose a cookie rewriting configuration so you will be able to configure how cookies have to be handled:
The 4.0.0 is out and it provides configurable cookies handling.
Don't stock the cookies that are sent between the client and the browser This can cause a lot of problems around mixing Sessions between HTTP connections This can lead to Session steal from a user to another! Hint: Spring Cloud Hystrix also disables it by default