Details
-
Bug
-
Resolution: Tracked Elsewhere
-
High
-
None
-
6.0.1, 6.2.0, 6.3.2, 6.3.4, 6.4.3, 6.8.1
-
17
-
Severity 3 - Minor
-
8
-
Description
We closed this ticket because:
- It is too generic since there are different sources that could generate the same WARN messages.
- These WARN messages are mostly harmless and misleading on AWS because it currently returns a new a rotating cookie key to the client for every request and the sticky session is not lost.
- We have also verified that Confluence Data Center has been working properly behind an Nginx Plus Load Balancer with session affinity enabled.
For any specific case, we will open a new ticket to address it, such as CONFSERVER-56254. Please don't reference to this ticket but raise a new one if you can narrow down to which use case that causes the sticky session to be lost and the user is asked to log in again.
Summary
When using a load balancer, firewall or application that sets cookies with an expires attribute (not Max-Age) in a Cookie header, Confluence throws a WARN (in this example it's trying to get the data from a Jira User Server via the firewall)
2017-10-04 16:31:55,549 WARN [http-nio-8443-exec-45] [http.client.protocol.ResponseProcessCookies] processCookies Invalid cookie header: "Set-Cookie: this_is_a_cookie=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA; e xpires=Thu, 04 Oct 2018 12:31:45 GMT; path=/; Domain=.mycompany.com". Invalid 'expires' attribute: Thu, 04 Oct 2018 12:31:45 GMT -- referer: https://confluence.mycompany.com/plugins/servlet/embedded-crowd/configure/jira/ | url: /plugins/servlet/embedded-crowd/configure/jira/ | traceId: 905ff3f698dd7782 | userName: username@mycompany.com
Environment
- External firewall or loadbalancer that Confluence is connecting through
Steps to Reproduce
- Set up a load balancer or firewall that sets cookies with an expires element on the Cookie: header
- Have Confluence pull content via load balancer
Expected Results
Link is parsed without error
Actual Results
The below exception is thrown in the atlassian-confluence.log file:
2017-10-04 16:31:55,549 WARN [http-nio-8443-exec-45] [http.client.protocol.ResponseProcessCookies] processCookies Invalid cookie header: "Set-Cookie: this_is_a_cookie=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA; e xpires=Thu, 04 Oct 2018 12:31:45 GMT; path=/; Domain=.mycompany.com". Invalid 'expires' attribute: Thu, 04 Oct 2018 12:31:45 GMT -- referer: https://confluence.mycompany.com/plugins/servlet/embedded-crowd/configure/jira/ | url: /plugins/servlet/embedded-crowd/configure/jira/ | traceId: 905ff3f698dd7782 | userName: username@mycompany.com
Notes
This can be reproduced with Amazon ALB.
Workaround
Bypass the firewall or load balancer, or make sure the external application does not return cookies with expires attribute.
Attachments
Issue Links
- is related to
-
CONFSERVER-56254 The HttpClient library used in confluence-collaborative-editor-plugin can't parse the Load Balancer's cookie having the Expires attribute in RFC 6265 format
- Closed
-
JRASERVER-66079 HTTP Client in JIRA does not accept RFC6265 compliant date format in "Expires" cookie header
- Gathering Impact