make sure we ignore cookies

commafeed-server/src/main/java/com/commafeed/backend/HttpGetter.java

@@ -1,6 +1,8 @@
 package com.commafeed.backend;
 
 import java.io.IOException;
+import java.net.CookieManager;
+import java.net.CookiePolicy;
 import java.net.URI;
 import java.net.http.HttpClient;
 import java.net.http.HttpClient.Redirect;
@@ -106,6 +108,7 @@ public class HttpGetter {
 				.followRedirects(Redirect.ALWAYS)
 				.sslContext(sslFactory.getSslContext())
 				.sslParameters(sslFactory.getSslParameters())
+				.cookieHandler(new CookieManager(null, CookiePolicy.ACCEPT_NONE))
 				.build();
 	}
 

commafeed-server/src/test/java/com/commafeed/backend/HttpGetterTest.java

@@ -3,6 +3,7 @@ package com.commafeed.backend;
 import java.io.IOException;
 import java.net.http.HttpTimeoutException;
 import java.util.Objects;
+import java.util.concurrent.atomic.AtomicInteger;
 
 import org.apache.commons.io.IOUtils;
 import org.eclipse.jetty.http.HttpStatus;
@@ -137,4 +138,23 @@ class HttpGetterTest {
 		Assertions.assertThrows(NotModifiedException.class, () -> getter.getBinary(this.feedUrl, null, "78910", TIMEOUT));
 	}
 
+	@Test
+	void ignoreCookie() throws Exception {
+		AtomicInteger calls = new AtomicInteger();
+
+		this.mockServerClient.when(HttpRequest.request().withMethod("GET")).respond(req -> {
+			calls.incrementAndGet();
+
+			if (req.containsHeader(HttpHeaders.COOKIE)) {
+				throw new Exception("cookie should not be sent by the client");
+			}
+
+			return HttpResponse.response().withBody("ok").withHeader(HttpHeaders.SET_COOKIE, "foo=bar");
+		});
+
+		Assertions.assertDoesNotThrow(() -> getter.getBinary(this.feedUrl, TIMEOUT));
+		Assertions.assertDoesNotThrow(() -> getter.getBinary(this.feedUrl, TIMEOUT));
+		Assertions.assertEquals(2, calls.get());
+	}
+
 }