You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@tomcat.apache.org by ma...@apache.org on 2010/07/01 21:33:45 UTC

svn commit: r959754 - in /tomcat/trunk: java/org/apache/catalina/core/ApplicationSessionCookieConfig.java webapps/docs/changelog.xml

Author: markt
Date: Thu Jul  1 19:33:45 2010
New Revision: 959754

URL: http://svn.apache.org/viewvc?rev=959754&view=rev
Log:
Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=49525
Cookies for ROOT context need a path of /

Modified:
    tomcat/trunk/java/org/apache/catalina/core/ApplicationSessionCookieConfig.java
    tomcat/trunk/webapps/docs/changelog.xml

Modified: tomcat/trunk/java/org/apache/catalina/core/ApplicationSessionCookieConfig.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/core/ApplicationSessionCookieConfig.java?rev=959754&r1=959753&r2=959754&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/catalina/core/ApplicationSessionCookieConfig.java (original)
+++ tomcat/trunk/java/org/apache/catalina/core/ApplicationSessionCookieConfig.java Thu Jul  1 19:33:45 2010
@@ -156,6 +156,11 @@ public class ApplicationSessionCookieCon
         if (contextPath == null || contextPath.length() == 0) {
             contextPath = context.getEncodedPath();
         }
+        // Handle special case of ROOT context where cookies require a path of
+        // '/' but the servlet spec uses an empty string
+        if (contextPath.length() == 0) {
+            contextPath = "/";
+        }
         cookie.setPath(contextPath);
 
         return cookie;

Modified: tomcat/trunk/webapps/docs/changelog.xml
URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=959754&r1=959753&r2=959754&view=diff
==============================================================================
--- tomcat/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/trunk/webapps/docs/changelog.xml Thu Jul  1 19:33:45 2010
@@ -79,6 +79,10 @@
         Use a LockOutRealm in the default configuration to prevent attempts to
         guess user passwords by brute-force. (markt)
       </add>
+      <fix>
+        <bug>49525</bug>: Ensure cookies for the ROOT context have a path of /
+        rather than an empty string. (markt)
+      </fix>
     </changelog>
   </subsection>
   <subsection name="Coyote">



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org