You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by bu...@apache.org on 2004/03/10 00:12:04 UTC

DO NOT REPLY [Bug 27553] New: - Bad cookie in request logged as error

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=27553>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=27553

Bad cookie in request logged as error

           Summary: Bad cookie in request logged as error
           Product: Tomcat 5
           Version: 5.0.19
          Platform: Other
        OS/Version: Other
            Status: NEW
          Severity: Minor
          Priority: Other
         Component: Connector:Coyote
        AssignedTo: tomcat-dev@jakarta.apache.org
        ReportedBy: sam@redspr.com


Very minor issue but requests with badly formatted cookies 
generate log messages at severity level error.

Im not sure what the general rule is for logging badly formatted requests
is but a warning in the logs at most seems adequate.

The code below also seems to catch Exception rather than just
java.lang.IllegalArgumentException

Sorry if I should have raised this as "enhancement" rather than "minor".

I think this is the relevant code:

jakarta-tomcat-catalina/catalina/src/share/org/apache/coyote/tomcat5/CoyoteAdapter.java
Line 430 onwards:
            try {
                Cookie cookie = new Cookie(scookie.getName().toString(),
                                           scookie.getValue().toString());
                cookie.setPath(scookie.getPath().toString());
                cookie.setVersion(scookie.getVersion());
                String domain = scookie.getDomain().toString();
                if (domain != null) {
                    cookie.setDomain(scookie.getDomain().toString());
                }
                cookies[idx++] = cookie;
            } catch(Exception ex) {
                log.error("Bad Cookie Name: " + scookie.getName() + 
                    " /Value: " + scookie.getValue(),ex);
            }

This is one of the stack traces I got in the mail :

2004-03-09 16:21:51,390[CoyoteAdapteri ] Bad Cookie Name: Path /Value: /
 java.lang.IllegalArgumentException: Cookie name "Path" is a reserved token at
javax.servlet.http.Cookie.<init>(Cookie.java:185) at
org.apache.coyote.tomcat5.CoyoteAdapter.parseCookies(CoyoteAdapter.java:424) at
org.apache.coyote.tomcat5.CoyoteAdapter.postParseRequest(CoyoteAdapter.java:332)
at org.apache.coyote.tomcat5.CoyoteAdapter.service(CoyoteAdapter.java:204) at
org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:828) at
org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConnection(Http11Protocol.java:700)
at org.apache.tomcat.util.net.TcpWorkerThread.runIt(PoolTcpEndpoint.java:584) at
org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:683)
at java.lang.Thread.run(Thread.java:536)

Cheers

Sam

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org