tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Antti Rauramo <>
Subject Cookie values
Date Tue, 01 Oct 2002 07:53:18 GMT

I had a problem with accented characters Cookie values, and also just a 
little longer Strings. Tomcat threw an IllegalArgumentException in 
maybeQuote like this:

java.lang.IllegalArgumentException: =?ISO-8859-1?Q?
        at org.apache.tomcat.util.http.ServerCookie.maybeQuote
        at org.apache.tomcat.util.http.ServerCookie.appendCookieValue
        at org.apache.coyote.tomcat4.CoyoteResponse.addCookie
        at org.apache.coyote.tomcat4.CoyoteResponseFacade.addCookie

I searched the web and found a couple of other people asking the same 
question, but no answers. 

So, Sun's javax.servlet.http.Cookie and Tomcat's javadocs say that the 
Cookie's value can be anything, but also that "If you use a binary value, 
you may want to use BASE64 encoding." and that "With Version 0 
cookies, values should not contain white space, brackets, parentheses, 
equals signs, commas, double quotes, slashes, question marks, at signs, 
colons, and semicolons."

That's a contradiction, isn't it? BASE64 results in data that may have white 
space (newlines).

But the Netscape's cookie definition says "This string is a sequence of 
characters excluding semi-colon, comma and white space. If there is a need 
to place such data in the name or value, some encoding method such as 
URL style %XX encoding is recommended, though no encoding is defined 
or required."

And so with URLEncoding this thing finally works! But I'd say that 
BASE64 is a bug in Sun's and Tomcat's javadocs. And maybe also Tomcat 
should be able to handle such values without throwing an exception...

Tell me I'm wrong, or go fix the javadocs!


Antti Rauramo
Index Information Technologies

To unsubscribe, e-mail:   <>
For additional commands, e-mail: <>

View raw message