tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 51138] Cookies with colons in the cookie value are read incorrectly
Date Sun, 01 May 2011 10:58:58 GMT
https://issues.apache.org/bugzilla/show_bug.cgi?id=51138

--- Comment #3 from Jelmer Kuperus <jelmer@jteam.nl> 2011-05-01 10:58:58 UTC ---
Mark, Actually the document I referenced is no longer a draft. It's now an RFC

http://www.rfc-editor.org/rfc/rfc6265.txt 

and obsoletes RFC2965 which obsoletes RFC2109 which obsoletes "version 0"

You mention that if this spec was approved it would still be invalid to use a
colon in an unquoted value. Could you point out the section in that spec that
explains this? 
I've been going over it but cannot seem to find it
In rfc2965 a reference is made to the token field from the http spec but in
which delimiter fields are explicitly disallowed by rfc6265 uses a cookie-octet
field

Do you believe that supporting rfc6265 means not conforming to the servlet
specification ? I've been looking into it and it seems to only mention RFC2109
and "version 0" as two possible ways to format cookies send to the client.
I don't believe it mentions how cookies sent by the client should be
interpreted

-- 
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org


Mime
View raw message