You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@sling.apache.org by fm...@apache.org on 2010/09/18 20:08:58 UTC
svn commit: r998508 -
/sling/trunk/bundles/auth/form/src/main/java/org/apache/sling/auth/form/impl/FormAuthenticationHandler.java
Author: fmeschbe
Date: Sat Sep 18 18:08:58 2010
New Revision: 998508
URL: http://svn.apache.org/viewvc?rev=998508&view=rev
Log:
Don't quote cookie value and attributes
Modified:
sling/trunk/bundles/auth/form/src/main/java/org/apache/sling/auth/form/impl/FormAuthenticationHandler.java
Modified: sling/trunk/bundles/auth/form/src/main/java/org/apache/sling/auth/form/impl/FormAuthenticationHandler.java
URL: http://svn.apache.org/viewvc/sling/trunk/bundles/auth/form/src/main/java/org/apache/sling/auth/form/impl/FormAuthenticationHandler.java?rev=998508&r1=998507&r2=998508&view=diff
==============================================================================
--- sling/trunk/bundles/auth/form/src/main/java/org/apache/sling/auth/form/impl/FormAuthenticationHandler.java (original)
+++ sling/trunk/bundles/auth/form/src/main/java/org/apache/sling/auth/form/impl/FormAuthenticationHandler.java Sat Sep 18 18:08:58 2010
@@ -994,18 +994,18 @@ public class FormAuthenticationHandler e
final StringBuilder header = new StringBuilder();
// default setup with name, value, cookie path and HttpOnly
- header.append(name).append("=\"").append(value).append('"');
- header.append("; Path=\"").append(cookiePath).append('"');
+ header.append(name).append("=").append(value);
+ header.append("; Path=").append(cookiePath);
header.append("; HttpOnly"); // don't allow JS access
// set the cookie domain if so configured
if (domain != null) {
- header.append("; Domain=\"").append(domain).append('"');
+ header.append("; Domain=").append(domain);
}
// Only set the Max-Age attribute to remove the cookie
if (age >= 0) {
- header.append("; Max-Age=\"").append(age).append('"');
+ header.append("; Max-Age=").append(age);
}
// ensure the cookie is secured if this is an https request