tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 44679] Cookies are treated differently between 6.0.16 and 6.0.14
Date Mon, 13 Oct 2008 06:57:02 GMT
https://issues.apache.org/bugzilla/show_bug.cgi?id=44679





--- Comment #23 from Tristan Tarrant <tristan.tarrant@gmail.com>  2008-10-12 23:57:00
PST ---
(In reply to comment #22)
> simple wrappers to strip = and \n (tweak to accurately use your own
> BASE64Encoder class)

WHAT ? I'm sorry but that is not an acceptable solution. What if the cookie is
read by applications other than mine ? I have to tell them to strip and repad
the token ? 

Shouldn't a version 1 cookie be quoted, therefore protecting the "=" and
therefore resulting in a valid cookie ?

Otherwise the exception thrown by the following:

java.lang.IllegalArgumentException: Control character in cookie value, consider
BASE64 encoding your value
        at
org.apache.tomcat.util.http.ServerCookie.maybeQuote2(ServerCookie.java:365)
        at
org.apache.tomcat.util.http.ServerCookie.maybeQuote2(ServerCookie.java:358)
        at
org.apache.tomcat.util.http.ServerCookie.appendCookieValue(ServerCookie.java:268)


is incorrect and confusing and should be changed. Should I file a different bug
for this ?


-- 
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org


Mime
View raw message