Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Warning "Invalid cookie header: ... Invalid 'expires' attribute"

See original GitHub issue

Describe the bug

In my application using the AWS SDK to access an S3 bucket I get in my logs several WARN messages coming from the SDK managed ApacheHttClient.

Example:

2021-04-19 14:34:27.916  WARN 1 --- [   scheduling-1] o.a.h.c.protocol.ResponseProcessCookies  : Invalid cookie header: "Set-Cookie: AWSALB=IBgdfz13kcSqIebR9wDO4YsKku18wWVpnUE3SJjeOftddRj3F53UR9JAROlBRszd0rvjkzC5++wCOOvvNbyjEydLjwUeo7VT01zlt89RgskYeAw683mPa3SLKGlM; Expires=Mon, 26 Apr 2021 14:34:27 GMT; Path=/". Invalid 'expires' attribute: Mon, 26 Apr 2021 14:34:27 GMT,
2021-04-19 14:34:27.917  WARN 1 --- [   scheduling-1] o.a.h.c.protocol.ResponseProcessCookies  : Invalid cookie header: "Set-Cookie: AWSALBCORS=IBgdfz13kcSqIebR9wDO4YsKku18wWVpnUE3SJjeOftddRj3F53UR9JAROlBRszd0rvjkzC5++wCOOvvNbyjEydLjwUeo7VT01zlt89RgskYeAw683mPa3SLKGlM; Expires=Mon, 26 Apr 2021 14:34:27 GMT; Path=/; SameSite=None; Secure". Invalid 'expires' attribute: Mon, 26 Apr 2021 14:34:27 GMT,
2021-04-19 14:34:29.969  WARN 1 --- [   scheduling-1] o.a.h.c.protocol.ResponseProcessCookies  : Invalid cookie header: "Set-Cookie: AWSALB=L4KrWVU0sxSV5e0fJm3WsK+zBQBaNrtMnUjY8TuwIIG5B2/IzLHgz4gOWcrG5xFiIkYrHZ4dnIpdiGKDsmdumeOozBFnhC8ue6pPOXFD8V2se9oBRCgQS+K0aTdB; Expires=Mon, 26 Apr 2021 14:34:29 GMT; Path=/". Invalid 'expires' attribute: Mon, 26 Apr 2021 14:34:29 GMT,
2021-04-19 14:34:29.970  WARN 1 --- [   scheduling-1] o.a.h.c.protocol.ResponseProcessCookies  : Invalid cookie header: "Set-Cookie: AWSALBCORS=L4KrWVU0sxSV5e0fJm3WsK+zBQBaNrtMnUjY8TuwIIG5B2/IzLHgz4gOWcrG5xFiIkYrHZ4dnIpdiGKDsmdumeOozBFnhC8ue6pPOXFD8V2se9oBRCgQS+K0aTdB; Expires=Mon, 26 Apr 2021 14:34:29 GMT; Path=/; SameSite=None; Secure". Invalid 'expires' attribute: Mon, 26 Apr 2021 14:34:29 GMT

The HttpClient should not emit those warnings.

Possible Solution

According to this StackOverFlow answer the warning is avoidable by using the following HttpClient configuration:

HttpClient httpClient = HttpClients.custom()
        .setDefaultRequestConfig(RequestConfig.custom()
                .setCookieSpec(CookieSpecs.STANDARD).build())
        .build();

But I haven’t found a way to inject the CookieSpec configuration into the Apache HttpClient managed by the SDK.

Your Environment

AWS Java SDK version used: 2.15.60
JDK version used: OpenJDK 11
Operating System and version: Ubuntu Linux 18.04

Issue Analytics

State:
Created 2 years ago
Comments:5 (2 by maintainers)

Top GitHub Comments

3reactions

debora-itocommented, Apr 24, 2021

Yeah I couldn’t find a way either. We’ve added this to our backlog, not necessarily a direct access to the CookieSpec config, but a way to fix the warnings you’re seeing in the HttpClient.

2reactions

debora-itocommented, Apr 21, 2021

I feel this is not really a bug, but a feature request to expose the CookieSpec configuration in the SDK Apache HttpClient. I’ll research more about it, maybe there’s a way to configure through an environment variable as a workaround?

Top Results From Across the Web

Fixing HttpClient warning "Invalid expires attribute" using ...

This is the first result on Google when searching Invalid expires attribute . I am using Resteasy as a transitive dependency of Keycloak...

How to fix Invalid cookie header, invalid expires attribute

Fixing invalid expires attribute warning for HttpClient and REASTEasy client.

Help please: Invalid 'expires' attribute : r/Clojure - Reddit

Seems like two different errors to me: the first is due to a malformed header value in the response (the expires value should...

[#HTTPCLIENT-1763] Invalid 'expires' attribute - ASF JIRA

6 to 4.5.2 and suddenly these warnings started appearing: [org.apache.http.client.protocol.ResponseProcessCookies] Invalid cookie header: "Set- ...

"[WARNING] Invalid cookie header" when using driver ...

The cookie in question is malformed. It contains non-standard 'expires' attribute, which, to make matters worse, contains a reserved character (comma) ...