struts-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Josef Vermach (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (WW-4437) Bug in CookieInterceptor
Date Thu, 14 May 2015 07:19:00 GMT

    [ https://issues.apache.org/jira/browse/WW-4437?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14543315#comment-14543315
] 

Josef Vermach commented on WW-4437:
-----------------------------------

Hi,

Thanks it helped. We are now able to run our application.
But the problem with rejected cookie still persists. I think it is because that accepted_pattern,
which we define in struts, is in struts 2.3.24 used as well for value (in struts 2.3.16.3
it was not). We will try to change our pattern. Thanks for helping.

> Bug in CookieInterceptor
> ------------------------
>
>                 Key: WW-4437
>                 URL: https://issues.apache.org/jira/browse/WW-4437
>             Project: Struts 2
>          Issue Type: Bug
>          Components: Core Interceptors
>    Affects Versions: 2.3.20
>            Reporter: Chris Pratt
>            Assignee: Lukasz Lenart
>             Fix For: 2.3.24
>
>
> Sorry, I don't have an environment set up to create a patch, but I found an error in
the {{CookieInterceptor.isAccepted()}} method.  It currently looks like:
> {code:java}
> /**
>  * Checks if name of Cookie match {@link #acceptedPattern}
>  *
>  * @param name of Cookie
>  * @return true|false
>  */
> protected boolean isAccepted(String name) {
>     boolean matches = acceptedPattern.matcher(name).matches();
>     if (matches) {
>         if (LOG.isTraceEnabled()) {
>             LOG.trace("Cookie [#0] matches acceptedPattern [#1]", name, ACCEPTED_PATTERN);
>         }
>     } else {
>         if (LOG.isTraceEnabled()) {
>             LOG.trace("Cookie [#0] doesn't match acceptedPattern [#1]", name, ACCEPTED_PATTERN);
>         }
>     }
>     return matches;
> }
> {code}
> But it would be more useful if it actually reported the RegEx being used instead of the
default.  And, it would be more performant if the comparisons were reversed.  So something
more like:
> {code:java}
> /**
>  * Checks if name of Cookie match {@link #acceptedPattern}
>  *
>  * @param name of Cookie
>  * @return true|false
>  */
> protected boolean isAccepted (String name) {
>   boolean matches = acceptedPattern.matcher(name).matches();
>   if(LOG.isTraceEnabled()) {   
>     if(matches) {
>       LOG.trace("Cookie [#0] matches acceptedPattern [#1]",name,acceptedPattern.pattern());
>     } else {
>       LOG.trace("Cookie [#0] doesn't match acceptedPattern [#1]",name,acceptedPattern.pattern());
>     }
>   }
>   return matches;
> }
> {code}
> In addition, it looks like the default and the override are handled differently.  The
current code compiles the default case-insensitive, but not the override pattern.  Shouldn't
that be consistent?
> {code:java}
> private Pattern acceptedPattern = Pattern.compile(ACCEPTED_PATTERN,Pattern.CASE_INSENSITIVE);
> public void setAcceptCookieNames (String pattern) {
>   acceptedPattern = Pattern.compile(pattern);
> }
> {code}



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message