You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by bu...@apache.org on 2003/06/28 01:12:01 UTC
DO NOT REPLY [Bug 21157] New: -
CookieExample is setting cookie after writing data
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://nagoya.apache.org/bugzilla/show_bug.cgi?id=21157>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=21157
CookieExample is setting cookie after writing data
Summary: CookieExample is setting cookie after writing data
Product: Tomcat 4
Version: 4.1.24
Platform: All
OS/Version: Other
Status: NEW
Severity: Normal
Priority: Other
Component: Webapps:Examples
AssignedTo: tomcat-dev@jakarta.apache.org
ReportedBy: vishy@borland.com
A servlet can not set the headers and cookies after writing data to the
servlet's output stream. Once the servlet writes data, headers are committed.
However CookieExample writes some data first before doing addCookie on the
response.
The reason why this code works at all even with the above bug is: The
CookieExample is only writing a small amount of data before doing
response.addCookie. That data is still held in buffer and not yet sent over
the wire. Hence the headers are not yet committed. So it is pure luck that
this example works.
You can easily expose the bug by writing say 20K characters in this example
before response.addCookie is called. You will see that the cookies that are
adding to response are not actually sent back to client.
Fix is simple. Move up the response.addCookie() before response.getWriter()
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org