Session cookie gets lost in FunctionalTest
In Play 1.2, the session cookie isn't used across multiple requests (in the same test).
There are two causes I think.
- if session maxAge is NOT set in the config, the problem is that
FunctionalTest.java incorrectly treats missing maxAge as maxAge=0
instead of as "keep for browser session"
- if session maxAge IS set in the config, the problem is that Scope.java does not add the timestamp to the session when it first creates the cookie (when there was no existing session cookie). this means the first time the cookie is set, the created cookie is invalid (no timestamp) and gets discarded.
I have the trivial patch for both issues, will put up on github momentarily and also attach here.
The second issue presumably breaks even outside of functional tests, but it's easy to imagine why nobody would notice in most applications since the first page load probably doesn't put anything important in the session.
Comments and changes to this ticket
- State changed from new to confirmed
- Milestone set to 1.2.2
- Assigned user set to Morten Kjetland
- Milestone order changed from 520 to 0
Thanks for the pullrequest.
I have looked into it and I agree with the fix except one thing:
You want to change it to
if(e.getValue().maxAge == null || e.getValue().maxAge != 0)
But I think it shold be
if(e.getValue().maxAge == null || e.getValue().maxAge > 0)
If you fix your commit, I can merge it for you.
One other thing: Can you consolidate the commits so that the pullrequest only contain one commit?
Use git rebase -i master
Keep cookies with no Max-Age set across FunctionalTest requests
No Max-Age means keep for the browser session. Without this fix
using FunctionalTest without a maxAge in config file will lose
session cookies on every request.
Add timestamp to new session even if we had no old session.
The timestamp was never set the first time the session cookie
was created, so the first session cookie always got discarded.
Create your profile
Help contribute to this project by taking a few moments to create your personal profile. Create your profile »
Play makes it easier to build Web applications with Java. It is a clean alternative to bloated Enterprise Java stacks. It focuses on developer productivity and targets RESTful architectures. Learn more on the http://www.playframework.org website.
Source code is hosted on githubCheck out our repository at http://github.com/playframework/play
Contributing, creating a patchPlease read the contributor guide
Reporting Security VulnerabilitiesSince all bug reports are public, please report any security vulnerability directly to guillaume dot bort at gmail dot com.
Creating a bug reportBug reports are incredibly helpful, so take time to report bugs and request features in our ticket tracker. We’re always grateful for patches to Play’s code. Indeed, bug reports with attached patches will get fixed far quickly than those without any.
Please include as much relevant information as possible including the exact framework version you're using and a code snippet that reproduces the problem.
Don't have too much expectations. Unless the bug is really a serious "everything is broken" thing, you're creating a ticket to start a discussion. Having a patch (or a branch on Github we can pull from) is better, but then again we'll only pull high quality branches that make sense to be in the core of Play.