search

sahaya / rest-assured

Automatically exported from code.google.com/p/rest-assured
0 stars 0 forks source link

Cookies response should not automatically be set in subsequent requests #149

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago 
I have been experimenting with Rest Assured today, and one of the issues I came 
across is that by default it uses response cookies in subsequent requests 
(where permissible, i.e. within same domain etc.).

I believe this to be a bad idea for a testing framework. When making subsequent 
calls, surely it is ideal for response cookies to not be propagated unless the 
user requests it explicitly?

For a simple example, I was testing our authentication system, with two invalid 
sets of credentials followed by valid credentials. I would not want cookies 
from the first or second request to be propagated to the third, however this 
default behaviour meant that when I was seeing errors because cookies weren't 
being sent on the successful authentication because they had been set already 
on the client in the previous requests.

In order to stop this behaviour, I made a few simple modifications to the 1.5 
release. They are:

    remove httpcore-4.0.1.jar and httpclient-4.0.3.jar from the dependencies
    Add in httpcore-4.1.2.jar and httpclient-4.1.2.jar from http://hc.apache.org/downloads.cgi
        Note this is because we want to set a cookie policy of IGNORE_COOKIES. Up until version 4.1 of httpclient, IGNORE_COOKIES was not a field on CookiePolicy, hence the required upgrade. The replacement of httpcore was for compatibility reasons with httpclient-4.1.2
    Use the following line of code before you make any calls to RestAssured:
        RestAssured.config = config().httpClient( new HttpClientConfig().setParam("http.protocol.cookie-policy", CookiePolicy.IGNORE_COOKIES));
        You'll need the following imports:
            import com.jayway.restassured.RestAssured;
            import static com.jayway.restassured.config.RestAssuredConfig.config;
            import org.apache.http.client.params.CookiePolicy;

Original issue reported on code.google.com by johan.ha...@gmail.com on 16 Jan 2012 at 7:35

GoogleCodeExporter commented 9 years ago

Original comment by johan.ha...@gmail.com on 16 Jan 2012 at 8:20