Some Eclipse Foundation services are deprecated, or will be soon. Please ensure you've read this important communication.

Bug 338364

Summary: HttpFields.addSetCookie adds Expires HTTP header using cookie date format instead of http date format
Product: [RT] Jetty Reporter: karlgold
Component: serverAssignee: Greg Wilkins <gregw>
Status: RESOLVED FIXED QA Contact:
Severity: normal    
Priority: P3 CC: jetty-inbox, jorgen.rydenius
Version: unspecified   
Target Milestone: 7.2.x   
Hardware: PC   
OS: Linux   
Whiteboard:

Description karlgold CLA 2011-02-27 23:11:20 EST 
Build Identifier: Jetty 7.3.0

on line 1077 of HttpFields.java, addSetCookie adds an Expires HTTP header:

1076         // Expire responses with set-cookie headers so they do not get cached.
1077         put(HttpHeaders.EXPIRES_BUFFER, __01Jan1970_BUFFER);

The field __01Jan1970_BUFFER actually refers to the cookie date formatter, rather than the http date formatter, so the Expires header comes out wrong in the response:

Expires: Thu, 01-Jan-1970 00:00:00 GMT

Note the dashes.

Unfortunately __01Jan1970_BUFFER is a public field, but as far as I can tell only addSetCookie refers to it.  Changing this line:

284     public final static String __01Jan1970=formatCookieDate(0);

to

284     public final static String __01Jan1970=formatDate(0);

would fix it.

Reproducible: Always
Comment 1 Jörgen Rydenius CLA 2011-05-04 13:45:12 EDT 
Do not apply the patch proposed above since that would cause bug #338364 to return. Both formats of 1 Jan 1970 are required since they are used in two different cases, the HTTP Expires header and the Expire part of Netscape style cookies. The two uses should have different formats, changing the definition of __01Jan1970 back and forth is not the solution. See my original patch of bug #338364 for a working alternative.
Comment 2 Greg Wilkins CLA 2011-05-17 02:06:16 EDT 
This is bug #338364?  I think you must mean #304698 or #304658
Comment 3 Greg Wilkins CLA 2011-05-17 03:03:33 EDT 
Fixed in jetty-7 r3162 and jetty-6 r6570 by reverting to the patch proposed in 304658.

But also found an issue where the expires header was not being set if other cancelled fields existed.  Also fixed.


thanks
Comment 4 Greg Wilkins CLA 2011-05-17 03:07:38 EDT 
as above
Comment 5 Jörgen Rydenius CLA 2011-05-17 03:50:15 EDT 
Sorry about the mixup of bug numbers. Bug #338364 should be replaced by bug #304658 in my previous comment. But I can see you figured out that yourself. Thank you.