getheaderfields java_java – HttpsURLConnection getHeaderFields没有返回set-cookie

我正在向一个HTTPS URL发送一个get请求,不知怎的,我正在为“Set-Cookie”获取空值.迭代时我可以看到header-key有“set-cookie”但header-value为null.

这是我的代码：

URL obj = new URL(url);

HttpsURLConnection conn = (HttpsURLConnection) obj.openConnection();

HttpsURLConnection.setFollowRedirects(false);

conn.setRequestProperty("User-Agent", USER_AGENT);

conn.setRequestProperty("Accept",

"text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8");

conn.setRequestProperty("Accept-Language", "en-US,en;q=0.5");

conn.setRequestProperty("Connection", "keep-alive");

conn.setRequestProperty("Accept-Encoding", "gzip, deflate");

conn.connect();

Map em = conn.getHeaderFields();

System.out.println("header Values......" + em.toString());

String headerName = null;

for (int i = 1; (headerName = conn.getHeaderFieldKey(i)) != null; i++)

{

System.out.println("Header Nme : " + headerName);

System.out.println(conn.getHeaderField(i));

}

输出：

header Values......{null=[HTTP/1.1 200 OK], x-wily-info=[Clear guid=0BE0EC9D0A7E67816C471FA946FD2EBB], Date=[Sat, 29 Mar 2014 03:27:41 GMT], Content-Length=[8106], x-wily-servlet=[*******************], X-FRAME-OPTIONS=[SAMEORIGIN], Connection=[close], Content-Type=[text/html;charset=UTF-8]}

Header Nme : Date

Sat, 29 Mar 2014 03:27:41 GMT

Header Nme : X-FRAME-OPTIONS

SAMEORIGIN

Header Nme : x-wily-info

Clear guid=0BE0EC9D0A7E67816C471FA946FD2EBB

Header Nme : x-wily-servlet

*****************************

Header Nme : Content-Type

text/html;charset=UTF-8

Header Nme : Content-Length

8106

**Header Nme : Set-Cookie

null

Header Nme : Set-Cookie

null**

Header Nme : Connection

close

Response Code : 200

从浏览器我可以看到：

Connection close

Content-Length 8106

Content-Type text/html;charset=UTF-8

Date Sat, 29 Mar 2014 02:20:31 GMT

Set-Cookie JSESSIONID=*********************; Path=/****; Secure; **HttpOnly**

Set-Cookie loginToken=*************;Path=/****/login/LoginProcess.do; **HttpOnly**; Secure

X-FRAME-OPTIONS SAMEORIGIN

x-wily-info Clear guid=0BA36F4A0A7E67816C471FA938E304CA

x-wily-servlet *****************************************

我在许多HTTPS网址上尝试过相同的操作,所有这些网址都运行正常,这只是创建问题;我注意到的主要区别是这个服务器实际上是以’HttpOnly’的形式发送cookie.它引起了问题吗？

解决方法:

由于XSS问题,这似乎是一个功能.

标签：java,cookies,httpsurlconnection

来源： https://codeday.me/bug/20190629/1322393.html