cxf-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From iris ding <>
Subject Re: Version 1 NewCookie is not compliant with RFC 2109
Date Fri, 08 Jan 2016 01:32:21 GMT
Looking at org.apache.cxf.jaxrs.impl.NewCookieHeaderProvider.toString() it
seems CXF does not have  check about the cookie version. So if we have
special character which is only allowed in version 1 cookie, there will be
an issue.

+1 for this change.

Iris Ding

View this message in context:
Sent from the cxf-dev mailing list archive at

View raw message