You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@struts.apache.org by "Lukasz Lenart (JIRA)" <ji...@apache.org> on 2014/12/19 18:22:13 UTC

[jira] [Updated] (WW-4437) Bug in CookieInterceptor

     [ https://issues.apache.org/jira/browse/WW-4437?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Lukasz Lenart updated WW-4437:
------------------------------
    Fix Version/s: 2.3.21

> Bug in CookieInterceptor
> ------------------------
>
>                 Key: WW-4437
>                 URL: https://issues.apache.org/jira/browse/WW-4437
>             Project: Struts 2
>          Issue Type: Bug
>          Components: Core Interceptors
>    Affects Versions: 2.3.20
>            Reporter: Chris Pratt
>             Fix For: 2.3.21
>
>
> Sorry, I don't have an environment set up to create a patch, but I found an error in the {{CookieInterceptor.isAccepted()}} method.  It currently looks like:
> {code:java}
> /**
>  * Checks if name of Cookie match {@link #acceptedPattern}
>  *
>  * @param name of Cookie
>  * @return true|false
>  */
> protected boolean isAccepted(String name) {
>     boolean matches = acceptedPattern.matcher(name).matches();
>     if (matches) {
>         if (LOG.isTraceEnabled()) {
>             LOG.trace("Cookie [#0] matches acceptedPattern [#1]", name, ACCEPTED_PATTERN);
>         }
>     } else {
>         if (LOG.isTraceEnabled()) {
>             LOG.trace("Cookie [#0] doesn't match acceptedPattern [#1]", name, ACCEPTED_PATTERN);
>         }
>     }
>     return matches;
> }
> {code}
> But it would be more useful if it actually reported the RegEx being used instead of the default.  And, it would be more performant if the comparisons were reversed.  So something more like:
> {code:java}
> /**
>  * Checks if name of Cookie match {@link #acceptedPattern}
>  *
>  * @param name of Cookie
>  * @return true|false
>  */
> protected boolean isAccepted (String name) {
>   boolean matches = acceptedPattern.matcher(name).matches();
>   if(LOG.isTraceEnabled()) {   
>     if(matches) {
>       LOG.trace("Cookie [#0] matches acceptedPattern [#1]",name,acceptedPattern.pattern());
>     } else {
>       LOG.trace("Cookie [#0] doesn't match acceptedPattern [#1]",name,acceptedPattern.pattern());
>     }
>   }
>   return matches;
> }
> {code}
> In addition, it looks like the default and the override are handled differently.  The current code compiles the default case-insensitive, but not the override pattern.  Shouldn't that be consistent?
> {code:java}
> private Pattern acceptedPattern = Pattern.compile(ACCEPTED_PATTERN,Pattern.CASE_INSENSITIVE);
> public void setAcceptCookieNames (String pattern) {
>   acceptedPattern = Pattern.compile(pattern);
> }
> {code}



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)