Skip to content

Fix session termination issue in proxy#5

Draft
google-labs-jules[bot] wants to merge 3 commits intomainfrom
fix-session-termination
Draft

Fix session termination issue in proxy#5
google-labs-jules[bot] wants to merge 3 commits intomainfrom
fix-session-termination

Conversation

@google-labs-jules
Copy link
Contributor

@google-labs-jules google-labs-jules bot commented Nov 7, 2025

This change addresses a session termination issue in the SimpleProxyServlet. The root cause was an incorrect URL mapping in web.xml that used the contains type, which truncated the request path for AJAX calls and caused the session to be invalidated. By switching to the prefix mapping type, the full request path and query string are now correctly forwarded, resolving the issue.

PR created automatically by Jules for task 1207791721121253774

@google-labs-jules
Fix: Correct proxy mapping to prevent session termination
4b19038 
The `contains` mapping type was truncating the request path for AJAX calls, leading to session errors. This change switches to the `prefix` mapping type to ensure the full path is forwarded to the backend.
@google-labs-jules
Copy link
Contributor Author

google-labs-jules bot commented Nov 7, 2025

👋 Jules, reporting for duty! I'm here to lend a hand with this pull request.

When you start a review, I'll add a 👀 emoji to each comment to let you know I've read it. I'll focus on feedback directed at me and will do my best to stay out of conversations between you and other bots or reviewers to keep the noise down.

I'll push a commit with your requested changes shortly after. Please note there might be a delay between these steps, but rest assured I'm on the job!

For more direct control, you can switch me to Reactive Mode. When this mode is on, I will only act on comments where you specifically mention me with @jules. You can find this option in the Pull Request section of your global Jules UI settings. You can always switch back!

For security, I will only act on instructions from the user who triggered this task.

New to Jules? Learn more at jules.google/docs.

@google-labs-jules
Fix: Handle redirects to prevent session termination
e570647 
The servlet was not rewriting the `Location` header in redirect responses from the backend, causing the client's browser to bypass the proxy and terminate the session. This change adds logic to detect redirect responses and rewrite the `Location` header to point back to the proxy server, ensuring session continuity.
@google-labs-jules
Fix: Comprehensive fix for session timeouts
2565451 
This commit addresses two interacting bugs that caused session timeouts:

1.  **Path Matching in Non-Root Contexts:** The servlet now correctly strips the application's context path from the request URI before matching it against URL mappings. This ensures correct behavior when the proxy is deployed in a non-root context.

2.  **Cookie Handling During Redirects:** The servlet now strips the `Domain` attribute from `Set-Cookie` headers during redirects. This prevents the browser from sending session cookies to the wrong domain, which was causing immediate session timeouts.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants