commons-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 11240] - Cookies with ',' in the value string is not parsed correctly in some cases
Date Mon, 29 Jul 2002 04:03:58 GMT
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://nagoya.apache.org/bugzilla/show_bug.cgi?id=11240>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=11240

Cookies with ',' in the value string is not parsed correctly in some cases

jsdever@sympatico.ca changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
           Severity|Critical                    |Major
           Priority|Other                       |Medium
            Summary|2002.07.26 nightly build    |Cookies with ',' in the
                   |HttpClient has a bug of     |value string is not parsed
                   |extracrting "Set-Cookie"    |correctly in some cases
            Version|Nightly Builds              |2.0 Milestone 2



------- Additional Comments From jsdever@sympatico.ca  2002-07-29 04:03 -------
We get:
Set-Cookie: _mysite=503386284,1027653678,1027912845,1027912705,0; path=/;
expires=Tue, 29-Jul-2003 08:37:05 GMT, cata=11; path=/,
ASPSESSIONIDGGGQQXEU=IOFDDAGAHNAFLJNLBNMHJKCN; path=/

We send:
Cookie: $Version=0; _mysite=503386284; 1027653678=null; 1027912845=null;
1027912705=null; 0=null; $Path=/; cata=11; $Path=/; ASP

So it looks like we are spliting the Cookie value based on ',' and finding bogus
cookie pairs.  I had a look at the spec.  It is pretty clear that ',' is a
tspecial character that is not permitted: the value is supposed to be a token or
a quoted string.

Therefore what we are dealing with here is a requirement for a non-standard
extension to how HttpClient parses cookies.

--
To unsubscribe, e-mail:   <mailto:commons-dev-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:commons-dev-help@jakarta.apache.org>


Mime
View raw message