You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@knox.apache.org by GitBox <gi...@apache.org> on 2020/12/08 14:17:33 UTC
[GitHub] [knox] pzampino commented on a change in pull request #391: KNOX-2479 - Fix an issue where Knox munges set-cookie header
pzampino commented on a change in pull request #391:
URL: https://github.com/apache/knox/pull/391#discussion_r538419292
##########
File path: gateway-spi/src/main/java/org/apache/knox/gateway/dispatch/DefaultDispatch.java
##########
@@ -382,7 +382,14 @@ private String calculateResponseHeaderValue(Header headerToCheck, Map<String, Se
return ""; // we should exclude all -> there should not be any value added with this header
} else {
final String separator = SET_COOKIE.equalsIgnoreCase(headerNameToCheck) ? "; " : " ";
- Set<String> headerValuesToCheck = new HashSet<>(Arrays.asList(headerToCheck.getValue().trim().split("\\s+")));
+ Set<String> headerValuesToCheck;
+ if(headerToCheck.getName().equalsIgnoreCase(SET_COOKIE)) {
+ headerValuesToCheck = new HashSet<>(Arrays.asList(headerToCheck.getValue().trim().split(";")));
+ /* trim */
+ headerValuesToCheck = headerValuesToCheck.stream().map(String::trim).collect(Collectors.toSet());
+ } else {
+ headerValuesToCheck = new HashSet<>(Arrays.asList(headerToCheck.getValue().trim().split("\\s+")));
+ }
headerValuesToCheck = headerValuesToCheck.stream().map(h -> h.replaceAll(separator.trim(), "")).collect(Collectors.toSet());
Review comment:
Why the need to trim the separator here? Why not set the value to the trimmed form in the first place?
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org