You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@tomcat.apache.org by Dan Payne <dp...@sotx.org> on 2003/01/20 22:56:03 UTC

cookie creation behavior different TC 4.1.12 to 4.1.18

Cookie cookie = new Cookie("MyCookieNumbers", "1,2,3,4");

Under TC 4.1.12 this works fine.

Under TC 4.1.18 I get this error:
java.lang.IllegalArgumentException: 1,2,3,4
	at
org.apache.tomcat.util.http.ServerCookie.maybeQuote(ServerCookie.java:315)
	at
org.apache.tomcat.util.http.ServerCookie.appendCookieValue(ServerCookie.java
:248)
<snip/>

According to the javadoc, an IllegalArgumentException is thrown if the
cookie NAME contains a comma. Nothing is said about the cookie value.

According to RFC 2109, the cookie NAME cannot contain any commas, however it
appears the cookie value is free to do so.

It seems that somewhere between 4.1.12 and 4.1.18 the validation on the
cookie value was changed to be the same as the cookie name but that isn't,
correct me if I'm wrong, the correct behavior accoding to the RFC. I also
checked the release notes and didn't see any entry related to this (as far
as modifications/bug fixes) which actually leads me to believe nothing
changed with the code. I've been trying to track down the source but i'm
having trouble locating it.

Can anyone confirm that this is indeed what's throwing the exception and if
it is/isn't the correct behavior?

Thanks.

-Dan


--
To unsubscribe, e-mail:   <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>