tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mark Thomas <ma...@apache.org>
Subject Re: Is the Apache ISAPI Redirector Chopping Off Cookie Data?
Date Wed, 04 Aug 2010 14:35:43 GMT
On 04/08/2010 15:31, Richard G Curry wrote:
> I have a follow-up question on this; making this switch in the cookie format will have
a broad impact on our web apps that use the GetAccess product to generate this cookie format
as it is now. In the note I referenced, it stated that "The value needs to be quoted for this
to work. Tomcat will do this automatically if necessary." That said, if we change to the v1
cookie format, will Tomcat strip the quotes when it is passed to the servlet making the 'request.getCookies()'
call?

It should but other products have been known to choke when quotes are
present.

> Some of our apps use GetAccess but are not using Tomcat, they are ASP.NET pages. Does
anyone know if IIS does this stripping as well?

Another option - assuming a recent enough Tomcat version is:
-Dorg.apache.tomcat.util.http.ServerCookie.ALLOW_EQUALS_IN_VALUE=true

Mark

> 
> _______________________________________________________________________________________
> «¤»¥«¤»§«¤»¥«¤»§«¤»¥«¤»§«¤»¥«¤»§«¤»¥«¤»§«¤»¥«¤»§«¤»¥«¤»§«¤»¥«¤»§«¤»¥«¤»
> _______________________________________________________________________________________
> Rick Curry
> Common Services -  Software Development
> E2 - 066, MS 5210
> 972-431-9178 (Voice)
> 972-585-7585 (Pager)
> To send a (short) Text Message to my Pager:
> 9725857585@page.metrocall.com
> 
> -----Original Message-----
> From: Mark Thomas [mailto:markt@apache.org] 
> Sent: Tuesday, August 03, 2010 9:39 AM
> To: Tomcat Users List
> Subject: Re: Is the Apache ISAPI Redirector Chopping Off Cookie Data?
> 
> On 03/08/2010 15:35, Richard G Curry wrote:
>> Cookie content follows:
>> GAUSERINFO=first_name=RICHARD&last_name=CURRY&middle_initial=G&corpora
>> te_id=XXXXXXX
> 
> That cookie is not spec complaint. You can't use the '=' in a v0 cookie value. You need
to switch to v1 cookies and quote the value.
> 
> Mark
> 
> 
> 
> The information transmitted is intended only for the person or entity to
> which it is addressed and may contain confidential and/or privileged 
> material.  If the reader of this message is not the intended recipient,
> you are hereby notified that your access is unauthorized, and any review,
> dissemination, distribution or copying of this message including any 
> attachments is strictly prohibited.  If you are not the intended
> recipient, please contact the sender and delete the material from any
> computer.
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
> 




---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message