tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ma...@apache.org
Subject svn commit: r831779 - /tomcat/trunk/java/javax/servlet/http/Cookie.java
Date Sun, 01 Nov 2009 23:04:33 GMT
Author: markt
Date: Sun Nov  1 23:04:33 2009
New Revision: 831779

URL: http://svn.apache.org/viewvc?rev=831779&view=rev
Log:
Don't allow null or zero length cookie names.

Modified:
    tomcat/trunk/java/javax/servlet/http/Cookie.java

Modified: tomcat/trunk/java/javax/servlet/http/Cookie.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/javax/servlet/http/Cookie.java?rev=831779&r1=831778&r2=831779&view=diff
==============================================================================
--- tomcat/trunk/java/javax/servlet/http/Cookie.java (original)
+++ tomcat/trunk/java/javax/servlet/http/Cookie.java Sun Nov  1 23:04:33 2009
@@ -17,7 +17,6 @@
 package javax.servlet.http;
 
 import java.text.MessageFormat;
-import java.util.Date;
 import java.util.ResourceBundle;
 
 /**
@@ -124,26 +123,30 @@
      */
 
     public Cookie(String name, String value) {
-	if (!isToken(name)
-		|| name.equalsIgnoreCase("Comment")	// rfc2019
-		|| name.equalsIgnoreCase("Discard")	// 2019++
-		|| name.equalsIgnoreCase("Domain")
-		|| name.equalsIgnoreCase("Expires")	// (old cookies)
-		|| name.equalsIgnoreCase("Max-Age")	// rfc2019
-		|| name.equalsIgnoreCase("Path")
-		|| name.equalsIgnoreCase("Secure")
-		|| name.equalsIgnoreCase("Version")
-		|| name.startsWith("$")
-	    ) {
-	    String errMsg = lStrings.getString("err.cookie_name_is_token");
-	    Object[] errArgs = new Object[1];
-	    errArgs[0] = name;
-	    errMsg = MessageFormat.format(errMsg, errArgs);
-	    throw new IllegalArgumentException(errMsg);
-	}
+        if (name == null || name.length() == 0) {
+            throw new IllegalArgumentException(
+                    lStrings.getString("err.cookie_name_blank"));
+        }
+        if (!isToken(name)
+                || name.equalsIgnoreCase("Comment") // rfc2019
+                || name.equalsIgnoreCase("Discard") // 2019++
+                || name.equalsIgnoreCase("Domain")
+                || name.equalsIgnoreCase("Expires") // (old cookies)
+                || name.equalsIgnoreCase("Max-Age") // rfc2019
+                || name.equalsIgnoreCase("Path")
+                || name.equalsIgnoreCase("Secure")
+                || name.equalsIgnoreCase("Version")
+                || name.startsWith("$")
+            ) {
+            String errMsg = lStrings.getString("err.cookie_name_is_token");
+            Object[] errArgs = new Object[1];
+            errArgs[0] = name;
+            errMsg = MessageFormat.format(errMsg, errArgs);
+            throw new IllegalArgumentException(errMsg);
+        }
 
-	this.name = name;
-	this.value = value;
+        this.name = name;
+        this.value = value;
     }
 
 



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org


Mime
View raw message