Bug #1693
closedMetacat client library: Static Cookies
0%
Description
The HttpMessage code uses static cookies. This is bad and should be changed.
(From bug# 188)
Updated by Saurabh Garg over 19 years ago
Below given is the initial email from Bill Baker regarding static cookies and
replies from others.
I agree. We noticed this problem a long time ago, but never fixed it.
Sid, could you enter this as a bug and target it at the next major
release? Thanks.
Matt
Jing Tao wrote:
Yep, I agree with you. It is better that cookie is a non-static member.
But I have no idea why it is chosen to be static in HttpMessage class
(utilities module). Do you guys know that?Jing
Bill Baker wrote:
I guess what I'm really asking is whether cookie should be a
non-static member, since it is treated that way, for example, in
MetacatClient -- the cookie is set, and then a message is sent. Since
there can be multiple client sessions in a JVM simultaneously (for
example, several people logged into the same Metacat HTML UI), that
seems prone to race conditions:(1) Client A sets session cookie
(2) Client B sets session cookie
(3) Client A sends message, now with B's session cookie
(4) Client B sends message ...At 16:55 2005-07-28, Jing Tao wrote:
Hi, Bill:
I guess the reason they are static method because cookie is a static
member variable. But it seems better to be non-static methods.Jing
Bill Baker wrote:
Sid & Jing --
I noticed that HttpMessage.setCookie and .getCookie are static (as
is the cookie member variable) -- should those be non-static instead?-- Bill
Updated by ben leinfelder over 11 years ago
- Status changed from New to Closed
- Assignee changed from Michael Daigle to ben leinfelder
We changed to use standard apache HttpClient and made the cookie sessionId value a per-MetacatClient instance variable.