struts-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Randy Burgess <>
Subject Re: [S2] general question about cookies and namespace
Date Sat, 09 Aug 2008 17:09:21 GMT
If the path is different then they are completely separate cookies. So you
could have a cookie named "fruit" and a path of "/root" with a value of
"apple". You could have another cookie named "fruit" but with a path of
"/root/anotherpath" and it has a value of "orange". If you don't set a path
for the cookie it gets set for you so to stop this from happening I always
set the path explicitly.

Randy Burgess
Sr. Software Architect
D5 Systems, LLC

> From: Pierre Thibaudeau <>
> Reply-To: Struts Users Mailing List <>
> Date: Sat, 9 Aug 2008 00:16:11 -0400
> To: Struts Users Mailing List <>
> Subject: [S2] general question about cookies and namespace
> Struts: 2.1.2
> browser: Firefox 3.0, with Firebug add-on
> Strange phenomenon involving cookies.  I don't know who to blame:  my code,
> Struts or Firefox...
> I am running a copy of my application locally on my own local Tomcat server
> (on localhost).  After several operations on the webapplication (among which
> would be logging in), four cookies are set in the browser:
> * JSESSIONID (dealt with by tomcat;  not my doing, of course)
> * language (the user's last selection of language)
> * password
> * username
> However, when I study the net requests through firebug, I notice that
> Firefox includes only the first of these cookies in the following requests'
> header.  Accordingly, if I start a new session, the language of the previous
> session is read as it should from the "language" cookie, but the auto-login
> interceptor fails to find the "username" and "password" cookies (even though
> they are present to the browser).
> On the other hand, things work fine on Safari.
> This seems strange to me.  The only formal distinction I can find between,
> say, the "language" cookie and the "username" cookie is the "path":
> * Firefox report the path of the "language" cookie as:  /mywebapp/
> * but it reports the path of the "username" cookie as: /mywebapp/users/
> Is it possible that Firefox is overstrict with which cookie to provide back
> to a given action, and the different namespace of the "username" cookie
> becomes problematic?  The actions that register my auto-login interceptor
> are all in the "/" namespace (that is, the same namespace as reported by the
> "language" cookie).  Has anyone come accross anything like this?

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message