-
Bug
-
Resolution: Fixed
-
Minor
-
Jenkins v1.565.2 on Windows Server 2003, analysis-core-plugin v1.55. Firefox 30, IE 11
One of our developers noticed that our PC-Lint warnings trend graph only showed builds from the last 30 days and that configuring the graph to show more had no effect.
I noticed while debugging this that the cookie being generated to save the trend graph configuration had the wrong path set so that the project dashboard wasn't loading it. The path was being set to the URL of the trend graph's configuration page (ex. http://jenkins/project with spaces/warnings0/config). If I manually edited the cookie's path to point to the project dashboard (ex. http://jenkins/project with spaces/) it worked. The same issue exists if a project dashboard is opened from a view with spaces in the name (ex. http://jenkins/view/View with spaces/Project_with_underscores).
Near as I can tell the source of the issue is in CookieHandler.java:
/**
* Sends a cookie with the specified value.
*
* @param requestAncestors
* the ancestors of the request
* @param value
* the cookie value
* @return the created cookie
*/
public Cookie create(final List<Ancestor> requestAncestors, final String value) {
Cookie cookie = new Cookie(name, value);
Ancestor ancestor = requestAncestors.get(requestAncestors.size() - ANCESTOR_PATH_PREFIX);
cookie.setPath(ancestor.getUrl());
cookie.setMaxAge(ONE_YEAR);
return cookie;
}
I think this line of code is the culprit which returning the wrong URL for the cookie's path.
Ancestor ancestor = requestAncestors.get(requestAncestors.size() - ANCESTOR_PATH_PREFIX);
- depends on
-
-
- Resolved
-
- is duplicated by
-
-
- Resolved
-
-
-
- Resolved
-
[JENKINS-25917] Spaces in URL (from project name or view) cause invalid cookies to be saved
David Schamber
created issue -
| Labels | Original: configuration plugin | |
| Priority | Original: Major [ 3 ] | New: Minor [ 4 ] |
| Component/s | New: core [ 15593 ] | |
| Component/s | New: junit-plugin [ 15499 ] | |
| Component/s | Original: warnings-plugin [ 15513 ] | |
| Summary | Original: Spaces in URL (from project name or view) cause invalid cookie to be saved when configuring trend graphs | New: Spaces in URL (from project name or view) cause invalid cookies to be saved |
| Labels | New: stapler |
I finally managed it to reproduce this issue: Seems that even if the correct path is set with cookie.setPath(ancestor.getUrl()); it will be somehow changed in staplers ResponseImpl.
This problem also occurs with the JUnit view that uses a cookie to decide which graph to use (failures only vs. all). So the problem must be somewhere in core (or any of the bundled libraries).
| Assignee | Original: Ulli Hafner [ drulli ] |
| Link |
New:
This issue is duplicated by |
yes, cookie path is correct and http header "Set-Cookie" received by the browser seems also correct:
Server Jetty(winstone-2.9) Set-Cookie TestResultAction_failureOnly=false;Path="/job/project%20with%20spaces";Expires=Mon, 09-Jan-2017 11:27:25 GMT
But the cookie is not saved correctly by the browser (Chrome and Firefox), certainly because of quotes in the Path.
It happens that Jenkins uses Jetty 8.1.13 (https://github.com/jenkinsci/winstone/blob/master/pom.xml#L221)
which is buggy (see here and here)
It will be needed to upgrade Jetty to 9.0.6 or later.
| Link |
New:
This issue depends on |
I see. Since you already found the problematic statement: are you interested in providing a fix as pull request? I currently quite busy with other work...