Cookie explicitly set on the request is getting discarded in favor of the one from the cookie jar

[Spikhalskiy]

Expected Behavior

A cookie explicitly specified on a RequestBuilder should take precedence over a cookie stored in cookie jar.

Actual Behavior

cookieStore = httpClient.getCookieStore();
cookieStore.add("some_url", new DefaultCookie("name", "value1"));
BoundRequestBuilder requestBuilder = httpClient.prepareGet("some_url");
requestBuilder.addCookie(new DefaultCookie("name", "value2"));
httpClient.executeRequest(requestBuilder.build())

This code leads to a request being performed with cookie "name":"value1", which is not what is expected by a user when a user explicitly sets a cookie on a RequestBuilder.

Root cause

Cookies from cookie jar are overriding cookies coming from the RequestBuilder here

Affected version

2.12.3, 3.0 pre-releases

[pickypg]

The supplied link puts the commit hash in the wrong place, but the root cause is that it blindly overrides Cookies by using addOrReplaceCookie(cookie) from the CookieStore, but it should only be using addCookie(cookie), which is even then dangerous if it's duplicating.

https://github.com/AsyncHttpClient/async-http-client/blob/661ec72/client/src/main/java/org/asynchttpclient/DefaultAsyncHttpClient.java#L238

[pickypg]

I've added a PR that only uses Cookies from the CookieStore if they're unset.

#2033