tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From jfcl...@apache.org
Subject svn commit: r553410 - /tomcat/tc6.0.x/trunk/java/org/apache/tomcat/util/http/ServerCookie.java
Date Thu, 05 Jul 2007 08:13:15 GMT
Author: jfclere
Date: Thu Jul  5 01:13:06 2007
New Revision: 553410

URL: http://svn.apache.org/viewvc?view=rev&rev=553410
Log:
Escape the " in the cookie value.

Modified:
    tomcat/tc6.0.x/trunk/java/org/apache/tomcat/util/http/ServerCookie.java

Modified: tomcat/tc6.0.x/trunk/java/org/apache/tomcat/util/http/ServerCookie.java
URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/tomcat/util/http/ServerCookie.java?view=diff&rev=553410&r1=553409&r2=553410
==============================================================================
--- tomcat/tc6.0.x/trunk/java/org/apache/tomcat/util/http/ServerCookie.java (original)
+++ tomcat/tc6.0.x/trunk/java/org/apache/tomcat/util/http/ServerCookie.java Thu Jul  5 01:13:06
2007
@@ -130,6 +130,7 @@
     //
     // private static final String tspecials = "()<>@,;:\\\"/[]?={} \t";
     private static final String tspecials = ",; ";
+    private static final String tspecials2 = ",; \"";
 
     /*
      * Tests a string and returns true if the string counts as a
@@ -154,6 +155,19 @@
 	return true;
     }
 
+    public static boolean isToken2(String value) {
+	if( value==null) return true;
+	int len = value.length();
+
+	for (int i = 0; i < len; i++) {
+	    char c = value.charAt(i);
+
+	    if (c < 0x20 || c >= 0x7f || tspecials2.indexOf(c) != -1)
+		return false;
+	}
+	return true;
+    }
+
     public static boolean checkName( String name ) {
 	if (!isToken(name)
 		|| name.equalsIgnoreCase("Comment")	// rfc2019
@@ -213,7 +227,7 @@
         // this part is the same for all cookies
 	buf.append( name );
         buf.append("=");
-        maybeQuote(version, buf, value);
+        maybeQuote2(version, buf, value);
 
 	// XXX Netscape cookie: "; "
  	// add version 1 specific information
@@ -283,6 +297,17 @@
             buf.append('"');
         }
     }
+    public static void maybeQuote2 (int version, StringBuffer buf,
+            String value) {
+        // special case - a \n or \r  shouldn't happen in any case
+        if (isToken2(value)) {
+            buf.append(value);
+        } else {
+            buf.append('"');
+            buf.append(escapeDoubleQuotes(value));
+            buf.append('"');
+        }
+    }
 
     // log
     static final int dbg=1;
@@ -306,12 +331,14 @@
         }
 
         StringBuffer b = new StringBuffer();
+        char p = s.charAt(0);
         for (int i = 0; i < s.length(); i++) {
             char c = s.charAt(i);
-            if (c == '"')
+            if (c == '"' && p != '\\')
                 b.append('\\').append('"');
             else
                 b.append(c);
+            p = c;
         }
 
         return b.toString();



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org


Mime
View raw message