You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by bu...@apache.org on 2019/04/24 03:31:43 UTC
[Bug 63382] New: cookie value bug
https://bz.apache.org/bugzilla/show_bug.cgi?id=63382
Bug ID: 63382
Summary: cookie value bug
Product: Tomcat 9
Version: 9.0.17
Hardware: PC
Status: NEW
Severity: blocker
Priority: P2
Component: Servlet
Assignee: dev@tomcat.apache.org
Reporter: luanzhaofei@outlook.com
Target Milestone: -----
Created attachment 36548
--> https://bz.apache.org/bugzilla/attachment.cgi?id=36548&action=edit
I will submit a demo written by the test cookie
In the value of cookie there can be no spaces, if there are spaces, you can not
call the addCookie method to add cookies and send them to the front desk, which
seriously affects the use of cookies.
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
[Bug 63382] cookie value bug
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=63382
Mark Thomas <ma...@apache.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
OS| |All
Resolution|--- |INVALID
Status|NEW |RESOLVED
--- Comment #1 from Mark Thomas <ma...@apache.org> ---
Tomcat 9 implements RFC6265 by default for cookies:
https://tools.ietf.org/rfc/rfc6265.txt
Specifically:
cookie-value = *cookie-octet / ( DQUOTE *cookie-octet DQUOTE )
cookie-octet = %x21 / %x23-2B / %x2D-3A / %x3C-5B / %x5D-7E
; US-ASCII characters excluding CTLs,
; whitespace DQUOTE, comma, semicolon,
; and backslash
For configuration options see:
http://tomcat.apache.org/tomcat-9.0-doc/config/cookie-processor.html
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
[Bug 63382] cookie value bug
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=63382
--- Comment #2 from Mark Thomas <ma...@apache.org> ---
*** Bug 63383 has been marked as a duplicate of this bug. ***
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org