Details
-
Bug
-
Resolution: Fixed
-
Medium
-
6.11.0
-
None
-
Severity 3 - Minor
-
Description
WARN messages printed in logs:
2018-05-10 00:28:35,015 WARN [http-nio-8443-exec-162] [http.client.protocol.ResponseProcessCookies] processCookies Invalid cookie header: "Set-Cookie: AWSALB=YHI66k+9BPr9b+uT6eufHAbfP2yS5pCHmg1Ur5GFwFNUfQxIoLARtH9ybQHxF1C5m+epZS0XwCmr2a5FFm/7eLeABFudWX538PwbJbws0KEdFRCnegBvykPcuRKM; Expires=Thu, 17 May 2018 00:28:35 GMT; Path=/". Invalid 'expires' attribute: Thu, 17 May 2018 00:28:35 GMT -- url: /brikit/pages/doeditpageblock.action | page: 44771697 | traceId: 07222782dc9b8b7c | referer: https://confluence.airbnb.biz/brikit/pages/editpage.action?pageId=44771697&blockId=254223540 | action: doeditpageblock 2018-05-10 00:28:35,016 WARN [http-nio-8443-exec-162] [synchrony.service.http.SynchronyResponseHandler] failed Synchrony external changes API call returned 401: {"type":"unauthorized-access","message":"Not authorized to access this resource."} content-id: 53414653 rev: confluence$content$53414653.14 ancestor: null merges: {"confVersion":"1","trigger":"other","type":"external"} generate-rev: null generate-reset: null
This may prevent some requests from getting the correct cookie (which may break session affinity).
Root cause may be https://issues.apache.org/jira/browse/HTTPCLIENT-1077 , which is also found in some other java projects (e.g., gradle (https://github.com/gradle/gradle/issues/1596) , a fix is found in https://github.com/gradle/gradle/pull/2213 which we can probably learn from).
We have applied the fix for our synchrony-interop add-on in CONFSRVDEV-4489 or sal-api library in https://ecosystem.atlassian.net/browse/SAL-368.
Attachments
Issue Links
- relates to
-
CONFSERVER-53651 HTTP Client in Confluence does not accept RFC6265 compliant date format in "Expires" cookie header
- Closed