A DESCRIPTION OF THE PROBLEM :
The HttpCookie.parse() method incorrectly forces any cookie containing an "expires" attribute to be parsed using Netscape cookie rules (version 0), even when the cookie explicitly contains "max-age" attribute as specified in RFC 2109/2965.
STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
HttpCookie.parse("Set-Cookie: name=value; expires=Thu, 01 Jan 2026 00:00:00 GMT; max-age=360000");
EXPECTED VERSUS ACTUAL BEHAVIOR :
EXPECTED -
max-age = 360000
ACTUAL -
max-age overrided by expires
The HttpCookie.parse() method incorrectly forces any cookie containing an "expires" attribute to be parsed using Netscape cookie rules (version 0), even when the cookie explicitly contains "max-age" attribute as specified in RFC 2109/2965.
STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
HttpCookie.parse("Set-Cookie: name=value; expires=Thu, 01 Jan 2026 00:00:00 GMT; max-age=360000");
EXPECTED VERSUS ACTUAL BEHAVIOR :
EXPECTED -
max-age = 360000
ACTUAL -
max-age overrided by expires
- csr for
-
JDK-8359343 HttpCookie Parser Incorrectly Handles Cookies with Expires Attribute
-
- Closed
-
- relates to
-
JDK-8286454 Upgrade Cookie handling classes in java.net package to conform with RFC 6265
-
- Open
-
- links to
-
Commit(master)
openjdk/jdk/116b8543
-
Review(master)
openjdk/jdk/25636