I found the problem, and you're right that the cookie was failing validation.
The app was prepending a dot to the domain name so that the cookie would affect both the domain and all subdomains. I understand that it's no longer necessary to prepend the dot, and removing the prepended dot fixes the problem. However, this does seem to be a difference in the behavior of Tomcat 8.0 and 8.5, It should probably be mentioned in https://tomcat.apache.org/migration-85.html. On Mon, Aug 29, 2016 at 2:35 AM, Mark Thomas <ma...@apache.org> wrote: > On 29/08/2016 03:09, Mike Wertheim wrote: > > I took a look using the LiveHttpHeaders Chrome extension. > > > > It's very simple. Tomcat 8.0.33 is setting the Set-Cookie header in the > > response, and Tomcat 8.5.4 is not setting the Set-Cookie header in the > > response. > > Check the logs for errors. I suspect the cookie isn't being sent because > it is failing validation. > > Mark > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > >
