You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by ma...@apache.org on 2017/01/27 20:14:21 UTC
svn commit: r1780606 - in /tomcat/trunk:
java/org/apache/tomcat/util/http/parser/Cookie.java
test/org/apache/tomcat/util/http/TestCookieParsing.java
webapps/docs/changelog.xml
Author: markt
Date: Fri Jan 27 20:14:21 2017
New Revision: 1780606
URL: http://svn.apache.org/viewvc?rev=1780606&view=rev
Log:
Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=60627
Modify the Rfc6265CookieProcessor so that in addition to cookie headers that start with an explicit RFC 2109 $Version=1, cookies that start with $Version=0 are also parsed as RFC 2109 cookies.
Modified:
tomcat/trunk/java/org/apache/tomcat/util/http/parser/Cookie.java
tomcat/trunk/test/org/apache/tomcat/util/http/TestCookieParsing.java
tomcat/trunk/webapps/docs/changelog.xml
Modified: tomcat/trunk/java/org/apache/tomcat/util/http/parser/Cookie.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/http/parser/Cookie.java?rev=1780606&r1=1780605&r2=1780606&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/tomcat/util/http/parser/Cookie.java (original)
+++ tomcat/trunk/java/org/apache/tomcat/util/http/parser/Cookie.java Fri Jan 27 20:14:21 2017
@@ -138,8 +138,10 @@ public class Cookie {
ByteBuffer value = readCookieValue(bb);
if (value != null && value.remaining() == 1) {
- if (value.get() == (byte) 49) {
+ byte version = value.get();
+ if (version == (byte) 49 || version == (byte) 48) {
// $Version=1 -> RFC2109
+ // $Version=0 -> RFC2109
skipLWS(bb);
byte b = bb.get();
if (b == SEMICOLON_BYTE || b == COMMA_BYTE) {
Modified: tomcat/trunk/test/org/apache/tomcat/util/http/TestCookieParsing.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/test/org/apache/tomcat/util/http/TestCookieParsing.java?rev=1780606&r1=1780605&r2=1780606&view=diff
==============================================================================
--- tomcat/trunk/test/org/apache/tomcat/util/http/TestCookieParsing.java (original)
+++ tomcat/trunk/test/org/apache/tomcat/util/http/TestCookieParsing.java Fri Jan 27 20:14:21 2017
@@ -51,6 +51,11 @@ public class TestCookieParsing extends T
private static final String[] COOKIES_WITH_QUOTES = new String[] {
"name=\"val\\\"ue\"", "name=\"value\"" };
+ private static final String[] COOKIES_V0 = new String[] {
+ "$Version=0;name=\"val ue\"", "$Version=0;name=\"val\tue\""};
+
+ private static final String COOKIES_V0_CONCAT = "name=\"val ue\"name=\"val\tue\"";
+
private static final String[] COOKIES_V1 = new String[] {
"$Version=1;name=\"val ue\"", "$Version=1;name=\"val\tue\""};
@@ -134,6 +139,14 @@ public class TestCookieParsing extends T
client.doRequest();
}
+
+ @Test
+ public void testRfc6265V0() throws Exception {
+ TestCookieParsingClient client = new TestCookieParsingClient(
+ new Rfc6265CookieProcessor(), COOKIES_V0, COOKIES_V0_CONCAT);
+ client.doRequest();
+ }
+
@Test
public void testRfc6265V1() throws Exception {
Modified: tomcat/trunk/webapps/docs/changelog.xml
URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1780606&r1=1780605&r2=1780606&view=diff
==============================================================================
--- tomcat/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/trunk/webapps/docs/changelog.xml Fri Jan 27 20:14:21 2017
@@ -86,6 +86,12 @@
<fix>
Restore Java 9 direct byte buffer compatibility. (remm)
</fix>
+ <fix>
+ <bug>60627</bug>: Modify the <code>Rfc6265CookieProcessor</code> so that
+ in addition to cookie headers that start with an explicit RFC 2109
+ <code>$Version=1</code>, cookies that start with <code>$Version=0</code>
+ are also parsed as RFC 2109 cookies. (markt)
+ </fix>
</changelog>
</subsection>
<subsection name="Jasper">
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org