Return-Path: Delivered-To: apmail-tomcat-users-archive@www.apache.org Received: (qmail 47572 invoked from network); 10 Feb 2011 16:29:27 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.3) by minotaur.apache.org with SMTP; 10 Feb 2011 16:29:27 -0000 Received: (qmail 3217 invoked by uid 500); 10 Feb 2011 16:29:23 -0000 Delivered-To: apmail-tomcat-users-archive@tomcat.apache.org Received: (qmail 2785 invoked by uid 500); 10 Feb 2011 16:29:20 -0000 Mailing-List: contact users-help@tomcat.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "Tomcat Users List" Delivered-To: mailing list users@tomcat.apache.org Received: (qmail 2775 invoked by uid 99); 10 Feb 2011 16:29:18 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 10 Feb 2011 16:29:18 +0000 X-ASF-Spam-Status: No, hits=0.7 required=5.0 tests=RCVD_IN_DNSWL_NONE,SPF_NEUTRAL X-Spam-Check-By: apache.org Received-SPF: neutral (nike.apache.org: local policy) Received: from [76.96.27.212] (HELO qmta14.emeryville.ca.mail.comcast.net) (76.96.27.212) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 10 Feb 2011 16:29:11 +0000 Received: from omta21.emeryville.ca.mail.comcast.net ([76.96.30.88]) by qmta14.emeryville.ca.mail.comcast.net with comcast id 6F9d1g0041u4NiLAEGUoyp; Thu, 10 Feb 2011 16:28:48 +0000 Received: from [192.168.1.201] ([69.143.109.145]) by omta21.emeryville.ca.mail.comcast.net with comcast id 6GUl1g01F38FjT18hGUmB4; Thu, 10 Feb 2011 16:28:47 +0000 Message-ID: <4D541240.70006@christopherschultz.net> Date: Thu, 10 Feb 2011 11:28:48 -0500 From: Christopher Schultz User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101207 Thunderbird/3.1.7 MIME-Version: 1.0 To: Tomcat Users List Subject: Re: Issue reading a cookie having a colon in the value . Is this a bug in Tomcat 6.0.32 ? References: <4D519246.2040903@directi.com> <4D519D51.7080006@apache.org> <4D52470B.8030604@directi.com> In-Reply-To: <4D52470B.8030604@directi.com> X-Enigmail-Version: 1.2a1pre Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit X-Virus-Checked: Checked by ClamAV on apache.org -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Reinwald, On 2/9/2011 2:49 AM, Reinwald Warapen wrote: > On 2/9/2011 1:15 AM, Mark Thomas wrote: >> I don't see any non-spec compliant behaviour here, just a broken user >> agent. > > I dont think all the user agents are broken. Cause this happened on IE > 8, Firefox 3.6 ,Chrome 9 and JMeter . I've even attached the logs and > test project for your reference. If you still dont think its a problem > then thanks for the help. The cookie and HTTP spec say that a cookie value cannot contain an unquoted value containing a ":", and that's exactly what you've got, there. See: http://www.faqs.org/rfcs/rfc2965.html Sections 3.1 and 3.3.4 and http://www.faqs.org/rfcs/rfc2616.html Section 2.2 (specifically see the definition of "token"). > // Raw Response > HTTP/1.1 200 OK > Server: Apache-Coyote/1.1 > Set-Cookie: JSESSIONID=DCA96AF717EBF0D2506A959CE415FA70; Path=/ > Set-Cookie: testingcolon="test:test:test"; Version=1 Note the quoted value and version number of "1". > B)Next Request > > //Raw Request > GET http://localhost:8081/index.jsp HTTP/1.1 > Connection: close > Cookie: $Version=0; JSESSIONID=DCA96AF717EBF0D2506A959CE415FA70; $Path=/; testingcolon=test:test:test Note the unquoted value and the version of "0". This looks like a broken user agent to me. - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk1UEkAACgkQ9CaO5/Lv0PC56QCgsRVJjCSzh28coDIUN/byEv6t ioIAoKRWhU+7toPNmDAAma3yuV/UFsTU =0E6M -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org For additional commands, e-mail: users-help@tomcat.apache.org