RFR: 8351983: HttpCookie Parser Incorrectly Handles Cookies with Expires Attribute [v4]
Daniel Fuchs
dfuchs at openjdk.org
Thu Jun 12 12:51:31 UTC 2025
On Wed, 11 Jun 2025 13:31:50 GMT, Michael McMahon <michaelm at openjdk.org> wrote:
>> Hi,
>>
>> This is a fix to j.n.HttpCookie (which has a doc/spec change). So, I'm targeting it to 26.
>> We currently do not obey the rule in RFC 6265 that says if both Max-Age and Expires attributes
>> are present in a cookie, the Max-Age should take precedence.
>>
>> Thanks
>> Michael
>
> Michael McMahon has updated the pull request incrementally with one additional commit since the last revision:
>
> test and impl update
@Michael-Mc-Mahon
I still want to have a look at the (new) implementation changes but I agree with the principle, so it should not stop you starting the CSR process.
-------------
PR Comment: https://git.openjdk.org/jdk/pull/25636#issuecomment-2966583246
More information about the net-dev
mailing list