tags:

views:

126

answers:

2
+3  Q: 

What cookies are sent by the JVM to the server when running a Java applet?

On my web server I have an HTML file that contains an applet tag:

<html>
  <head/>
  <body>
    <applet code="Hello.class" width="100" height="100" />
  </body>
</html>

And I have a Java class file named Hello.class in the same directory as the HTML file.

Both of these files are running on a web server (IIS 6) whose host name is something like this:

bart.simpson.springfield.com

I have two cookies in my browser:

  • CookieA - Scoped to springfield.com
  • CookieB - Scoped to simpson.springfield.com

When the HTML file is requested from the server, Fiddler shows that both of the above cookies are sent along with the request.

When the Java class file is requested from the server, Fiddler shows that only CookieA (scoped to springfield.com) is sent.

I need both cookies to be sent to the server. Is there a way to do this?

I'm seeing this behavior is Firefox 3.5.2 and IE 7.

I've tried to find the spec on which cookies are sent but turned up nothing since Java 1.3.

Thanks!

+2  A: 

The client-side Java plug-in always consults the browser to verify if a cookie needs to be sent in the request. Details of the cookie support in the Java plug-in are available in the Java deployment guide.

There is one situation though where cookies will not be sent, and that is when the web server has set the HttpOnly flag on the cookie. In such a case, the HTTP request for the applet class will not contain the cookie header, since the Java plug-in will not be able to access the cookie.

Vineet Reynolds  2009-09-30 19:28:28
Vineet, I had the HttpOnly flag set on the cookies that weren't being sent. Removing that flag fixed my problem. Thank you very much!
Tim Stewart  2009-09-30 19:56:29
You're welcome. Just faced the same problem a few weeks back.
Vineet Reynolds  2009-09-30 19:58:59
A: 

The cookie for HTML file is sent by browser itself but the cookie for applet class file is sent by Java Plugin. So they often differ.

For browser, the only rule it uses is the domain name. Plugin has to factor in things as security policy and codebase. See this document for the details,

http://java.sun.com/products/plugin/1.3/docs/cookie.html

What's your codebase for the applet?

ZZ Coder  2009-09-30 19:31:35
ZZ Coder, thank you for your reply. In this instance it was an issue of the HttpOnly flag being set.
Tim Stewart  2009-09-30 19:58:08

related questions

Java Time Zone is messed up
Eclipse on win64
Automate builds for Java RCP for deployment with JNLP
Why are professors or schools picking Java over C++ to teach to students?
Is there a real benefit of using J#?
Public/Popular Websites using JavaServer Faces
Why can't I use a try block around my super() call?
Accessing post variables using Java Servlets
Personal Linux web server
Is this really widening vs autoboxing?
How can I Java webstart multiple, dependent, native libraries?
Why can't I call toString() on a Java primitive?
How do I use Java to read from a file that is actively being written?
What code analysis tools do you use for your Java projects?
IllegalArgumentException or NullPointerException for a null parameter?
How do I configure and communicate with a serial port?
What is the best way to parse strings in Java
Getting started with a custom JXTA PeerGroup
Creating a custom button in Java
How to get started "writing" a code coverage tool?
Which Build-/Configuration Management Tool?
What is the difference between an int and an Integer in Java/C#?
What is the meaning of the type safety warning in certain Java generics casts?
How would you access Object properties from within an object method?
Converting CSV File to XML in Java