You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ofbiz.apache.org by le...@apache.org on 2008/10/14 22:48:32 UTC
svn commit: r704678 -
/ofbiz/trunk/framework/catalina/src/org/ofbiz/catalina/container/CrossSubdomainSessionValve.java
Author: lektran
Date: Tue Oct 14 13:48:32 2008
New Revision: 704678
URL: http://svn.apache.org/viewvc?rev=704678&view=rev
Log:
Changed the cross domain session valve to skip rewriting the session cookie if the domain is an IP address
Thanks to Adrian Crum for reporting the issue
Modified:
ofbiz/trunk/framework/catalina/src/org/ofbiz/catalina/container/CrossSubdomainSessionValve.java
Modified: ofbiz/trunk/framework/catalina/src/org/ofbiz/catalina/container/CrossSubdomainSessionValve.java
URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/catalina/src/org/ofbiz/catalina/container/CrossSubdomainSessionValve.java?rev=704678&r1=704677&r2=704678&view=diff
==============================================================================
--- ofbiz/trunk/framework/catalina/src/org/ofbiz/catalina/container/CrossSubdomainSessionValve.java (original)
+++ ofbiz/trunk/framework/catalina/src/org/ofbiz/catalina/container/CrossSubdomainSessionValve.java Tue Oct 14 13:48:32 2008
@@ -52,7 +52,18 @@
if (UtilValidate.isEmpty(cookieDomain)) {
String serverName = request.getServerName();
String[] domainArray = serverName.split("\\.");
- if (domainArray.length > 2) {
+ // check that the domain isn't an IP address
+ if (domainArray.length == 4) {
+ boolean isIpAddress = true;
+ for (String domainSection : domainArray) {
+ if (!UtilValidate.isIntegerInRange(domainSection, 0, 255)) {
+ isIpAddress = false;
+ break;
+ }
+ }
+ if (isIpAddress) return;
+ }
+ if (domainArray.length > 2 && UtilValidate.isAlphabetic(domainArray[domainArray.length - 1])) {
cookieDomain = "." + domainArray[domainArray.length - 2] + "." + domainArray[domainArray.length - 1];
}
}