Cookies, space and MSIE

[Costin Manolache <cm...@yahoo.com>]

It seems MSIE on mac ( aparently both 9 and X ) is failing
to parse the Cookie if tomcat is used in secure mode ( with
SSL enabled ). ( it doesn't matter on which platform you run
tomcat - the browser is broken ).

I added the extra space - and the problem went away.

Remy - should we backport this to 4.1 ( and 4.0 ) ? I made 
the change in 5.0, and did the tests with a patched 4.1.

The problem is:
 Path=/foo;Secure  -> fails
 Path=/foo; Secure -> works

The examples in the Netscape specification of the Cookie include
space after ; - and don't explicitely say the space is optional.


Costin





--
To unsubscribe, e-mail:   <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>

Re: Cookies, space and MSIE

[Remy Maucherat <re...@apache.org>]

Costin Manolache wrote:
> It seems MSIE on mac ( aparently both 9 and X ) is failing
> to parse the Cookie if tomcat is used in secure mode ( with
> SSL enabled ). ( it doesn't matter on which platform you run
> tomcat - the browser is broken ).
> 
> I added the extra space - and the problem went away.
> 
> Remy - should we backport this to 4.1 ( and 4.0 ) ? I made 
> the change in 5.0, and did the tests with a patched 4.1.

+1 for backporting.

> The problem is:
>  Path=/foo;Secure  -> fails
>  Path=/foo; Secure -> works
> 
> The examples in the Netscape specification of the Cookie include
> space after ; - and don't explicitely say the space is optional.

Yes, I read your explanation in the commit message.

Remy


--
To unsubscribe, e-mail:   <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>