You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by bu...@apache.org on 2010/05/05 15:56:55 UTC
DO NOT REPLY [Bug 49252] New: Reading a cookie with an '=' in the
value is truncated
https://issues.apache.org/bugzilla/show_bug.cgi?id=49252
Summary: Reading a cookie with an '=' in the value is truncated
Product: Tomcat 6
Version: 6.0.24
Platform: PC
OS/Version: Windows XP
Status: NEW
Severity: critical
Priority: P2
Component: Catalina
AssignedTo: dev@tomcat.apache.org
ReportedBy: alex.objelean@gmail.com
Simple JSP that reproduces the issue
If you set a cookie in a JSP that has an '=' character in the value, reading
that
cookie in subsequent loads truncates at the apostrophe.
Reading the cookie fails even if the cookie was set client side or was
pre-existing.
I've attached a very simple testcase.jsp page
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
DO NOT REPLY [Bug 49252] Reading a cookie with an '=' in the value
is truncated
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=49252
Konstantin Kolinko <kn...@gmail.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Resolution|INVALID |DUPLICATE
--- Comment #6 from Konstantin Kolinko <kn...@gmail.com> 2010-05-05 10:42:24 EDT ---
1. You should search first, before submitting an issue. See bug 44679
2. testcase.jsp is not attached
3. There is a configuration option to allow equal signs in a cookie value,
since 6.0.24, see
http://tomcat.apache.org/tomcat-6.0-doc/config/systemprops.html
*** This bug has been marked as a duplicate of bug 44679 ***
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
DO NOT REPLY [Bug 49252] Reading a cookie with an '=' in the value
is truncated
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=49252
Alex Objelean <al...@gmail.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|RESOLVED |REOPENED
Resolution|INVALID |
--- Comment #3 from Alex Objelean <al...@gmail.com> 2010-05-05 10:10:16 EDT ---
Not using Base64 character is not an option for us. Is there a work around for
this problem?
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
DO NOT REPLY [Bug 49252] Reading a cookie with an '=' in the value
is truncated
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=49252
--- Comment #5 from Alex Objelean <al...@gmail.com> 2010-05-05 10:39:24 EDT ---
(In reply to comment #4)
> (In reply to comment #3)
> > Not using Base64 character is not an option for us. Is there a work around for
> > this problem?
>
> To repeat what the man said:
>
> "Please read the archives or ask on the users list if you need further
> assistance."
>
> Bugzilla is not an appropriate forum for discussing application and
> configuration issues.
>
> - Chuck
Thank you Chuck. You are very kind and helpful :)
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
DO NOT REPLY [Bug 49252] Reading a cookie with an '=' in the value
is truncated
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=49252
--- Comment #2 from Alex Objelean <al...@gmail.com> 2010-05-05 10:04:23 EDT ---
(In reply to comment #1)
> Such a cookie is not specification compliant. Please read the archives or ask
> on the users list if you need further assistance.
But this used to work on tomcat-6.0.16. The problem is that we encode a base64
value into a cookie and it does contain such characters. It is critical for our
application.
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
DO NOT REPLY [Bug 49252] Reading a cookie with an '=' in the value
is truncated
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=49252
--- Comment #7 from Alex Objelean <al...@gmail.com> 2010-05-05 11:14:40 EDT ---
(In reply to comment #6)
> 1. You should search first, before submitting an issue. See bug 44679
> 2. testcase.jsp is not attached
> 3. There is a configuration option to allow equal signs in a cookie value,
> since 6.0.24, see
> http://tomcat.apache.org/tomcat-6.0-doc/config/systemprops.html
>
> *** This bug has been marked as a duplicate of bug 44679 ***
Thanks Konstantin!
The org.apache.catalina.STRICT_SERVLET_COMPLIANCE=true solved my problem.
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
DO NOT REPLY [Bug 49252] Reading a cookie with an '=' in the value
is truncated
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=49252
Mark Thomas <ma...@apache.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|REOPENED |RESOLVED
Resolution| |INVALID
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
DO NOT REPLY [Bug 49252] Reading a cookie with an '=' in the value
is truncated
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=49252
Mark Thomas <ma...@apache.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |INVALID
--- Comment #1 from Mark Thomas <ma...@apache.org> 2010-05-05 10:01:12 EDT ---
Such a cookie is not specification compliant. Please read the archives or ask
on the users list if you need further assistance.
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
DO NOT REPLY [Bug 49252] Reading a cookie with an '=' in the value
is truncated
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=49252
--- Comment #4 from Chuck Caldarale <ch...@unisys.com> 2010-05-05 10:30:41 EDT ---
(In reply to comment #3)
> Not using Base64 character is not an option for us. Is there a work around for
> this problem?
To repeat what the man said:
"Please read the archives or ask on the users list if you need further
assistance."
Bugzilla is not an appropriate forum for discussing application and
configuration issues.
- Chuck
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org