You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by co...@locus.apache.org on 2000/03/31 00:22:19 UTC

cvs commit: jakarta-tomcat/src/share/org/apache/tomcat/util RequestUtil.java

costin      00/03/30 14:22:19

  Modified:    src/share/org/apache/tomcat/util RequestUtil.java
  Log:
  Partial fix for #139.
  
  We need to check the native code too. javax.servlet.http.Cookie needs
  to be checked and fixed - but I don't have enough karma :-)
  
  The problem: RFC 2109 and few browsers that are following the standards
  ( if you can believe that) are sending the cookie value in quotes, and
  tomcat is not striping the quotes so the returned value is different from
  what the user set.
  
  Still more work needs to be done to check all the code and be correct
  Thanks to  Miles Sabin <ms...@cromwellmedia.co.uk> for finding and
  kbayer@hms.harvard.edu for fixing the bug.
  
  Submitted by:	kbayer@hms.harvard.edu
  
  Revision  Changes    Path
  1.10      +27 -0     jakarta-tomcat/src/share/org/apache/tomcat/util/RequestUtil.java
  
  Index: RequestUtil.java
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/util/RequestUtil.java,v
  retrieving revision 1.9
  retrieving revision 1.10
  diff -u -r1.9 -r1.10
  --- RequestUtil.java	2000/03/20 19:34:11	1.9
  +++ RequestUtil.java	2000/03/30 22:22:18	1.10
  @@ -182,6 +182,8 @@
                       
                       String name = token.substring(0, i).trim();
                       String value = token.substring(i+1, token.length()).trim();
  +		    // RFC 2109 and bug 
  +		    value=stripQuote( value );
                       Cookie cookie = new Cookie(name, value);
                       cookies.addElement(cookie);
                   } else {
  @@ -190,6 +192,31 @@
               }
           }
       }
  +
  +    
  +    /**
  +     *
  +     * Strips quotes from the start and end of the cookie string
  +     * This conforms to RFC 2109
  +     * 
  +     * @param value            a <code>String</code> specifying the cookie 
  +     *                         value (possibly quoted).
  +     *
  +     * @see #setValue
  +     *
  +     */
  +    private static String stripQuote( String value )
  +    {
  +	//	System.out.println("Strip quote from " + value );
  +	if (((value.startsWith("\"")) && (value.endsWith("\""))) ||
  +	    ((value.startsWith("'") && (value.endsWith("'"))))) {
  +	    try {
  +		return value.substring(1,value.length()-1);
  +	    } catch (Exception ex) { 
  +	    }
  +	}
  +	return value;
  +    }  
       
       public static void processFormData(String data, Hashtable parameters) {
           // XXX