some times chrome does not show session cookie and do not send it in request either

Question

We have been facing an strange issue lately where chrome does not seem to handle session (JSESSIONID) cookie properly. Looking at network tab in dev tool, I can see that Set-Cookie header is present with valid domain and path. But Application tab does not show this cookie and it is neither sent in subsequent requests. We see this irrespective of response code (302 or 200). Application is on HTTP and cookie is not marked secure.

Response header to set cookie: Set-Cookie:JSESSIONID=B8FD99048272BBE4B218C1CE2E4E4624.jvmRoute; Domain=.XXXXX.com; Path=/

Has any one seen this before? Is there any fix OR work around.

Answer 1

In case any one else is facing the same issue. this is based on observations while trying to debug this issue:

you open a page which belongs to domain child.parent.com and it sets a cookie (say C1) with domain .child.parent.com and with session expiry. If in another tab of chrome, you open a page from parent.com which set also sets a cookie with name C1 + .parent.com as domain + with session expiry. Now onward if child.parent.com tries to set the cookie C1 again (in case it was invalidated and recreated as happens in case of session invalidation), chrome does not honour cookie C1 any more showing the problem for child.magicbricks.com domain.

To work around the issue, we renamed the Cookie C1 to C2 for child.parent.com domain.