You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@tomcat.apache.org by bu...@apache.org on 2003/05/15 01:02:42 UTC

DO NOT REPLY [Bug 19934] New: - Coma (',') in the cookies is treated as the end of value

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://nagoya.apache.org/bugzilla/show_bug.cgi?id=19934>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=19934

Coma (',') in the cookies is treated as the end of value

           Summary: Coma (',') in the cookies is treated as the end of value
           Product: Tomcat 4
           Version: 4.1.24
          Platform: PC
        OS/Version: Windows NT/2K
            Status: NEW
          Severity: Major
          Priority: Other
         Component: Servlet & JSP API
        AssignedTo: tomcat-dev@jakarta.apache.org
        ReportedBy: gverig@yahoo.com


I found this in JSP but I assume in servlets it would do the same.

Coma in to cookie value is treated as a semicolon, so a 
cookie "mycookie=blah,blah;..." would be returned 'mycookie=blah' and 'blah=""'

To the best of my knowledge ',' is not a legal separator in cookies but it is a 
completely legal character for a cookie value.
Code:
 Cookie[] cookies=request.getCookies();
 for(int i=0;i<cookies.length;i++)
            System.out.println("Cookie: "+cookies[i].getName()+"="+cookies
[i].getValue());

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org