You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@shiro.apache.org by "Les Hazlewood (JIRA)" <ji...@apache.org> on 2009/03/02 14:35:56 UTC
[jira] Reopened: (JSEC-64) removeMe cookie path is wrong at
deletion if servlet context path is root ("/")
[ https://issues.apache.org/jira/browse/JSEC-64?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Les Hazlewood reopened JSEC-64:
-------------------------------
When looking at this:
https://svn.apache.org/repos/asf/incubator/jsecurity/trunk/web/src/org/jsecurity/web/attr/CookieAttribute.java
I don't see the patch applied. Was another class modified instead? I'm confused...
> removeMe cookie path is wrong at deletion if servlet context path is root ("/")
> -------------------------------------------------------------------------------
>
> Key: JSEC-64
> URL: https://issues.apache.org/jira/browse/JSEC-64
> Project: JSecurity
> Issue Type: Bug
> Affects Versions: Incubation
> Reporter: Brad Whitaker
> Assignee: Jeremy Haile
> Fix For: 1.0
>
> Attachments: CookeiAttribute.calculatePath.patch
>
>
> The fix for JSEC-34 changes the cookie path from "" (empty string) to "/" when the rememberMe cookie is created. The change to the path is not made, however, when the cookie is removed. This prevents the cookie from being removed. The attached patch introduces a new method "calculatePath()" that supplies the path both when the cookie is created and when it is removed. (Feel free to rename the method or make any other change.)
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.