You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by fh...@apache.org on 2008/06/30 22:07:49 UTC
svn commit: r672889 - in /tomcat/tc6.0.x/trunk: STATUS.txt
java/org/apache/tomcat/util/http/ServerCookie.java webapps/docs/changelog.xml
Author: fhanik
Date: Mon Jun 30 13:07:49 2008
New Revision: 672889
URL: http://svn.apache.org/viewvc?rev=672889&view=rev
Log:
commit fix for 45272
Modified:
tomcat/tc6.0.x/trunk/STATUS.txt
tomcat/tc6.0.x/trunk/java/org/apache/tomcat/util/http/ServerCookie.java
tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml
Modified: tomcat/tc6.0.x/trunk/STATUS.txt
URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/STATUS.txt?rev=672889&r1=672888&r2=672889&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/STATUS.txt (original)
+++ tomcat/tc6.0.x/trunk/STATUS.txt Mon Jun 30 13:07:49 2008
@@ -38,11 +38,6 @@
+1: markt, fhanik
-1:
-* Fix for https://issues.apache.org/bugzilla/show_bug.cgi?id=45272
- Patch attached in bugzilla issue
- +1: fhanik, markt, remm (pfff, use ff)
- -1:
-
* Another fix for https://issues.apache.org/bugzilla/show_bug.cgi?id=43683
This isn't perfect but it narrows the window for the race condition
significantly. A perfect fix would require syncing most (all?) of allocate()
Modified: tomcat/tc6.0.x/trunk/java/org/apache/tomcat/util/http/ServerCookie.java
URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/tomcat/util/http/ServerCookie.java?rev=672889&r1=672888&r2=672889&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/java/org/apache/tomcat/util/http/ServerCookie.java (original)
+++ tomcat/tc6.0.x/trunk/java/org/apache/tomcat/util/http/ServerCookie.java Mon Jun 30 13:07:49 2008
@@ -135,6 +135,7 @@
private static final String tspecials = ",; ";
private static final String tspecials2 = "()<>@,;:\\\"/[]?={} \t";
+ private static final String tspecials2NoSlash = "()<>@,;:\\\"[]?={} \t";
/*
* Tests a string and returns true if the string counts as a
@@ -146,6 +147,11 @@
* token; <code>false</code> if it is not
*/
public static boolean isToken(String value) {
+ return isToken(value,null);
+ }
+
+ public static boolean isToken(String value, String literals) {
+ String tspecials = (literals==null?ServerCookie.tspecials:literals);
if( value==null) return true;
int len = value.length();
@@ -172,8 +178,12 @@
return false;
}
-
public static boolean isToken2(String value) {
+ return isToken2(value,null);
+ }
+
+ public static boolean isToken2(String value, String literals) {
+ String tspecials2 = (literals==null?ServerCookie.tspecials2:literals);
if( value==null) return true;
int len = value.length();
@@ -299,7 +309,11 @@
// Path=path
if (path!=null) {
buf.append ("; Path=");
- maybeQuote2(version, buf, path);
+ if (version==0) {
+ maybeQuote2(version, buf, path);
+ } else {
+ maybeQuote2(version, buf, path, ServerCookie.tspecials2NoSlash, false);
+ }
}
// Secure
@@ -341,6 +355,10 @@
}
public static int maybeQuote2 (int version, StringBuffer buf, String value, boolean allowVersionSwitch) {
+ return maybeQuote2(version,buf,value,null,allowVersionSwitch);
+ }
+
+ public static int maybeQuote2 (int version, StringBuffer buf, String value, String literals, boolean allowVersionSwitch) {
if (value==null || value.length()==0) {
buf.append("\"\"");
}else if (containsCTL(value,version))
@@ -349,16 +367,16 @@
buf.append('"');
buf.append(escapeDoubleQuotes(value,1,value.length()-1));
buf.append('"');
- } else if (allowVersionSwitch && (!STRICT_SERVLET_COMPLIANCE) && version==0 && !isToken2(value)) {
+ } else if (allowVersionSwitch && (!STRICT_SERVLET_COMPLIANCE) && version==0 && !isToken2(value, literals)) {
buf.append('"');
buf.append(escapeDoubleQuotes(value,0,value.length()));
buf.append('"');
version = 1;
- } else if (version==0 && !isToken(value)) {
+ } else if (version==0 && !isToken(value,literals)) {
buf.append('"');
buf.append(escapeDoubleQuotes(value,0,value.length()));
buf.append('"');
- } else if (version==1 && !isToken2(value)) {
+ } else if (version==1 && !isToken2(value,literals)) {
buf.append('"');
buf.append(escapeDoubleQuotes(value,0,value.length()));
buf.append('"');
Modified: tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml
URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml?rev=672889&r1=672888&r2=672889&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml Mon Jun 30 13:07:49 2008
@@ -35,6 +35,7 @@
<section name="Tomcat 6.0.17 (remm)">
<subsection name="Catalina">
<changelog>
+ <fix><bug>45272</bug>Put in work around for Internet Explorer not accepting a quoted Path: value using the Set-Cookie header (fhanik)</fix>
<fix>
APR connector now adds connection to poller after using send file.
(remm)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org