clj-http icon indicating copy to clipboard operation
clj-http copied to clipboard

Published 20 hours ago verified publisher icon dakrone

Make CookieSpecs/STANDARD the default cookie spec

Open ska2342 opened this issue 5 years ago • 2 comments

Reasoning

The Apache HTTP Client documentation has this to say about the DEFAULT cookie spec:

"This policy will be deprecated in favor of the standard (RFC 6265 compliant) implementation in the next minor release of HttpClient." (https://hc.apache.org/httpcomponents-client-ga/tutorial/html/statemgmt.html)

The same document then states: "It is strongly recommended to use either Standard or Standard strict policy in new applications."

This change makes CookieSpecs/STANDARD the default for the get-cookie-policy multimethod.

ska2342 avatar Sep 01 '20 09:09 ska2342

Tests run through, but I think there are no tests for the cookie spec. I don't feel confident enough to write one myself.

ska2342 avatar Sep 01 '20 09:09 ska2342

Based on what I've read from the upstream documentation, I think this would apply to the minor version 4.6.x. As far as I can see, there are no plans in the upstream project to release 4.6.x.

For versions 3.x, I think it's best to retain the existing behaviour to match up.

However, if/when 4.x version is released, the default cookie behaviour should be adjusted to match the upstream default.

rymndhng avatar Sep 15 '20 17:09 rymndhng