You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@wicket.apache.org by "Thibault Kruse (JIRA)" <ji...@apache.org> on 2014/07/21 15:22:39 UTC

[jira] [Commented] (WICKET-5648) CookieUtils - add #loadValues(), make #getCookie() public, properly initialize from the defaults

    [ https://issues.apache.org/jira/browse/WICKET-5648?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14068493#comment-14068493 ] 

Thibault Kruse commented on WICKET-5648:
----------------------------------------

Actually in our code we use the semicolon, and we use java.net.URLEncoder.encode() to encode values before joining, and URLDecoder to decode after splitting. Not sure whether that would be viable in general for wicket cookies, however that handles semicolons as well.

> CookieUtils - add #loadValues(), make #getCookie() public, properly initialize from the defaults
> ------------------------------------------------------------------------------------------------
>
>                 Key: WICKET-5648
>                 URL: https://issues.apache.org/jira/browse/WICKET-5648
>             Project: Wicket
>          Issue Type: Improvement
>            Reporter: Thibault Kruse
>            Assignee: Martin Grigorov
>            Priority: Minor
>             Fix For: 7.0.0-M3, 6.17.0
>
>
> Hi, not sure even whether CookieUtils is supposed to be used outside wicket. But if so, it has some API flaws.
> The CookieUtils class has 
> public final void save(String key, final String... values)
> but no *public* load method to load the saved multiple values. Clients can load the whole string and split themselves, but that's dirty. And using FormComponent.VALUE_SEPARATOR seems wicket-specific anyway (and is not safe against values with that separator), so maybe that method should be protected, not public.
> The code
> cookie.setSecure(false);
> in save() also seems dodgy, but seems to have no effect (defaultSettings still work).
> Finally it is a bit weird that there is no access to the underlying Cookie itself, with it's getDomain() etc methods. For Developers it might be nice to work with the cookie avoiding the boilerplate code, so maybe getCookie() could be made public instead of private



--
This message was sent by Atlassian JIRA
(v6.2#6252)