1

I use addCookie method to set scdid which like a jsessionid. But unfortunately, it's not useful on Chrome and IE which is ok on Firefox.

So, could anybody help me?

Cookie cookie = new Cookie("xx", "xxx");
cookie.setMaxAge(3600);
cookie.setDomain("xxxx"); 
cookie.setPath("/");
response.addCookie(cookie);

Here is request/response body:

Headers
Remote Address:127.0.0.1:80
Request URL:http(can't give it to a link)://localhost/login
Request Method:POST
Status Code:302 Found

Request body
Accept:text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Accept-Encoding:gzip, deflate
Accept-Language:zh-CN,zh;q=0.8,en-US;q=0.6,en;q=0.4
Cache-Control:max-age=0
Connection:keep-alive
Content-Length:28
Content-Type:application/x-www-form-urlencoded
Cookie:JSESSIONID=3a210ab5-2e48-4a0b-b669-f9b5e82b9988
Host:localhost
Origin:http://localhost
Referer:http://localhost/login
User-Agent:Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/40.0.2214.111 Safari/537.36

Response body
Content-Length:0
Date:Tue, 09 Jun 2015 01:06:52 GMT
Location:http://localhost/
Server:Apache-Coyote/1.1
Set-Cookie:examid=366d69ae-5249-4e68-b779-c03056188249; Domain=localhost; Expires=Tue, 09-Jun-2015 02:06:51 GMT; Path=/

The above of that response is received at Tue, 09-Jun-2015 08:06:51

2015-06-10 EDIT: I have solved this problem by follows way, but I still confused.

Cookie cookie = new Cookie("examid", UUID.randomUUID().toString());
response.addCookie(cookie);

In this solution, I don't set expires, domain and path, which get inspiration from jsessionid in Chrome.

Remote Address:127.0.0.1:80
Request URL:http://localhost/login
Request Method:POST
Status Code:302 Found

Request Headers
Accept:text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Accept-Encoding:gzip, deflate
Accept-Language:zh-CN,zh;q=0.8,en-US;q=0.6,en;q=0.4
Cache-Control:max-age=0
Connection:keep-alive
Content-Length:28
Content-Type:application/x-www-form-urlencoded
Cookie:JSESSIONID=f63df7a3-f381-4914-92c1-a349bf73316b; examid=
Host:localhost
Origin:http://localhost
Referer:http://localhost/login
User-Agent:Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/40.0.2214.111 Safari/537.36

Form Dataview source
username:admin
password:xxxx

Response Headers
Content-Length:0
Date:Wed, 10 Jun 2015 01:35:53 GMT
Location:http://localhost/
Server:Apache-Coyote/1.1
Set-Cookie:examid=d65f7974-17f1-4338-9284-48f00670a012

2015-06-12 EDIT: I set MaxAge, path, domain one by one. And I found it works error when set domain (which from request parameter). There is my code that how to get domain:

private static final String getDomainName(HttpServletRequest request) {
    String domainName = null;

    String serverName = request.getRequestURL().toString();
    if (serverName == null || serverName.equals("")) {
        domainName = "";
    } else {
        serverName = serverName.toLowerCase();
        serverName = serverName.substring(7);
        final int end = serverName.indexOf("/");
        serverName = serverName.substring(0, end);
        final String[] domains = serverName.split("\\.");
        int len = domains.length;
        if (len > 3) {
            // www.xxx.com.cn
            domainName = "." + domains[len - 3] + "." + domains[len - 2] + "." + domains[len - 1];
        } else if (len <= 3 && len > 1) {
            // xxx.com or xxx.cn
            domainName = "." + domains[len - 2] + "." + domains[len - 1];
        } else {
            domainName = serverName;
        }
    }

    if (domainName != null && domainName.indexOf(":") > 0) {
        String[] ary = domainName.split("\\:");
        domainName = ary[0];
    }
    return domainName;
}
WhatAKitty
  • 338
  • 1
  • 5
  • 17

3 Answers3

3

Answer for the updated question:

Actually, I get domain "localhost" by my code

So this is the problem: the cookie will not be set if your domain name = localhost. By the spec, cookie domain name must have at least 2 or 3 dots (.). Localhost is a top-level domain name, so that will not work. Failing to abide to this rule may result in problems in certain browsers:

Only hosts within the specified domain can set a cookie for a domain and domains must have at least two (2) or three (3) periods in them to prevent domains of the form: ".com", ".edu", and "va.us".

So as the solution, while working on localhost, I would recommend that you either don't set the domain name, or just use 127.0.0.1.

You can refer to this answer and this answer for more information.

Community
  • 1
  • 1
Hoàng Long
  • 10,746
  • 20
  • 75
  • 124
  • I have set -1 to persist cookie active on a session. – WhatAKitty Jun 08 '15 at 14:31
  • And If I set 3600 sec, it's expire date is strange which eailer than current time. – WhatAKitty Jun 08 '15 at 14:32
  • @WhiteWater: from the code you just posted, I have updated my answer. However, to be sure I think we need to see the request/ response you got – Hoàng Long Jun 08 '15 at 14:38
  • the request and response I got are wrapped by apache tomcat holder. I have searched google before, someone told it may be cookie's timezone casued. – WhatAKitty Jun 08 '15 at 14:44
  • @WhiteWater: you can get request/response by using some tool like Fiddler to intercept the request from your client – Hoàng Long Jun 08 '15 at 14:50
  • @WhiteWater: looking through your code, expires has been set. So it must be something else.. How did you set ccsid? I didn't see it in your code/ request. – Hoàng Long Jun 09 '15 at 16:11
  • by the way, I think that Chrome may not work well with cookies set from localhost. Can you change it to something like 127.0.01 and check again? – Hoàng Long Jun 09 '15 at 16:12
  • @WhiteWater: I just notice, your status response code is 302? How can it be? That could cause your cookie problem. – Hoàng Long Jun 09 '15 at 16:13
  • Well, I updated my question. And this solved my problem, but I still confused about it. – WhatAKitty Jun 10 '15 at 01:26
  • In addition, I set examid instead of ccsid. – WhatAKitty Jun 10 '15 at 01:34
  • @WhiteWater: I doubt it. I don't see your change has any difference with previous code? Or are you saying after you don't set path, domain and MaxAge, it suddenly works for all browsers? – Hoàng Long Jun 11 '15 at 01:27
  • yeah, it's strange. But it works and works fine for all browsers. The exactly different is not setting path, domain and MaxAge. By the way, why I can't mention you? – WhatAKitty Jun 11 '15 at 07:04
  • @WhiteWater: you can't mention me because you are commenting on my answer, so I would receive notification no matter what. I'm curious: what if you put setMaxAge, setDomain, setPath back, one by one? By that way we can identify which property cause the problem. We should try finding the real problem, or else it can happen again. – Hoàng Long Jun 11 '15 at 15:51
  • @WhiteWater: I think you are coming very close to the solution :) might be you want to check what value you actually set into the domain field. By the way, why don't you use getServerName(http://docs.oracle.com/javaee/6/api/javax/servlet/ServletRequest.html#getServerName%28%29) to get the domain name? – Hoàng Long Jun 13 '15 at 04:01
  • @WhiteWater: I have updated my answer. localhost is the problem. – Hoàng Long Jun 15 '15 at 14:44
  • Oh, Thank you a lot. Thanks for your helping. I'll try again. – WhatAKitty Jun 22 '15 at 14:10
1

HttpServletResponse -> flushBuffer() worked absolutely fine for me.

response.flushBuffer();
Vaibhav Jain
  • 1,939
  • 26
  • 36
0

maybe cookies are disabled in your Chrome and IE?

Vit Ias
  • 725
  • 4
  • 16