tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Remy Maucherat <>
Subject Cookie issues
Date Wed, 11 Nov 2009 18:17:39 GMT

I think cookies are still broken, and this is getting more and more
complex. The apparent issue is that the parser applies v1 parsing rules
when parsing v0 cookies (which are generated using a much more lenient
character exclusion), resulting in cookies that cannot be parsed back.

A simple example is a regular cookie session (!), where the path cannot
even be parsed back ('/' is now in the "specials" list).

Maybe we could parse as v0, and validate the bytes if the cookie turned
out to be v1 ?


To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message