You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@tomcat.apache.org by kk...@apache.org on 2014/06/15 15:49:39 UTC

svn commit: r1602694 - in /tomcat/trunk/webapps: docs/changelog.xml examples/WEB-INF/classes/CookieExample.java

Author: kkolinko
Date: Sun Jun 15 13:49:39 2014
New Revision: 1602694

URL: http://svn.apache.org/r1602694
Log:
Followup to r1602522
Add "/" to the path like we do for session cookies.
Use request.getContextPath() as I think it makes a better example.

If I examples are named "/examples" then either code works. If I rename them to some Cyrillic name then the new code works while the old one does not. Tested with Firefox 29 on Windows 7.

Modified:
    tomcat/trunk/webapps/docs/changelog.xml
    tomcat/trunk/webapps/examples/WEB-INF/classes/CookieExample.java

Modified: tomcat/trunk/webapps/docs/changelog.xml
URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1602694&r1=1602693&r2=1602694&view=diff
==============================================================================
--- tomcat/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/trunk/webapps/docs/changelog.xml Sun Jun 15 13:49:39 2014
@@ -263,7 +263,7 @@
         only returned to the examples application. This reduces the opportunity
         for using such cookies for malicious purposes should the advice to
         remove the examples web application from security sensitive systems be
-        ignored. (markt)
+        ignored. (markt/kkolinko)
       </fix>
     </changelog>
   </subsection>

Modified: tomcat/trunk/webapps/examples/WEB-INF/classes/CookieExample.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/examples/WEB-INF/classes/CookieExample.java?rev=1602694&r1=1602693&r2=1602694&view=diff
==============================================================================
--- tomcat/trunk/webapps/examples/WEB-INF/classes/CookieExample.java (original)
+++ tomcat/trunk/webapps/examples/WEB-INF/classes/CookieExample.java Sun Jun 15 13:49:39 2014
@@ -50,7 +50,7 @@ public class CookieExample extends HttpS
         Cookie aCookie = null;
         if (cookieName != null && cookieValue != null) {
             aCookie = new Cookie(cookieName, cookieValue);
-            aCookie.setPath(request.getServletContext().getContextPath());
+            aCookie.setPath(request.getContextPath() + "/");
             response.addCookie(aCookie);
         }
 



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org