InterceptingClientHttpRequest replaces headers set in request factory instead of merging them [SPR-15166]

[spring-projects-issues]

Nestor Tarin Burriel opened SPR-15166 and commented

When a custom requestFactory adds a header to the request and the RequestEntity contains the same header (e.g. cookies), the one in the RequestEntity will take precedence.

Checking the code in InterceptingClientHttpRequest class:

ClientHttpRequest delegate = requestFactory.createRequest(request.getURI(), request.getMethod());
getHeaders().putAll(request.getHeaders());

Is this the desired behaviour? Would it be ok if the header values are added? What if the custom request factory wants to add a cookie and the request header adds a different cookie? (the last one will be in the header and the first one discarded)

Kind regards,

Néstor

---

Affects: 4.2.6

Referenced from: commits 9243a14, e3be94c, 69c16f3

[spring-projects-issues]

Arjen Poutsma commented

Fixed in master, see 69c16f3

[spring-projects-issues]

Juergen Hoeller commented

Backported to 4.3.7 now, in a slightly different form (without the new method on MultiValueMap).