You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by bu...@apache.org on 2004/03/10 00:12:04 UTC
DO NOT REPLY [Bug 27553] New: -
Bad cookie in request logged as error
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=27553>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=27553
Bad cookie in request logged as error
Summary: Bad cookie in request logged as error
Product: Tomcat 5
Version: 5.0.19
Platform: Other
OS/Version: Other
Status: NEW
Severity: Minor
Priority: Other
Component: Connector:Coyote
AssignedTo: tomcat-dev@jakarta.apache.org
ReportedBy: sam@redspr.com
Very minor issue but requests with badly formatted cookies
generate log messages at severity level error.
Im not sure what the general rule is for logging badly formatted requests
is but a warning in the logs at most seems adequate.
The code below also seems to catch Exception rather than just
java.lang.IllegalArgumentException
Sorry if I should have raised this as "enhancement" rather than "minor".
I think this is the relevant code:
jakarta-tomcat-catalina/catalina/src/share/org/apache/coyote/tomcat5/CoyoteAdapter.java
Line 430 onwards:
try {
Cookie cookie = new Cookie(scookie.getName().toString(),
scookie.getValue().toString());
cookie.setPath(scookie.getPath().toString());
cookie.setVersion(scookie.getVersion());
String domain = scookie.getDomain().toString();
if (domain != null) {
cookie.setDomain(scookie.getDomain().toString());
}
cookies[idx++] = cookie;
} catch(Exception ex) {
log.error("Bad Cookie Name: " + scookie.getName() +
" /Value: " + scookie.getValue(),ex);
}
This is one of the stack traces I got in the mail :
2004-03-09 16:21:51,390[CoyoteAdapteri ] Bad Cookie Name: Path /Value: /
java.lang.IllegalArgumentException: Cookie name "Path" is a reserved token at
javax.servlet.http.Cookie.<init>(Cookie.java:185) at
org.apache.coyote.tomcat5.CoyoteAdapter.parseCookies(CoyoteAdapter.java:424) at
org.apache.coyote.tomcat5.CoyoteAdapter.postParseRequest(CoyoteAdapter.java:332)
at org.apache.coyote.tomcat5.CoyoteAdapter.service(CoyoteAdapter.java:204) at
org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:828) at
org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConnection(Http11Protocol.java:700)
at org.apache.tomcat.util.net.TcpWorkerThread.runIt(PoolTcpEndpoint.java:584) at
org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:683)
at java.lang.Thread.run(Thread.java:536)
Cheers
Sam
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org