JBossWeb SVN: r690 - trunk/java/org/apache/tomcat/util/http. - jbossweb-commits

Tuesday, 1 July 2008

Author: remy.maucherat(a)jboss.com
Date: 2008-07-01 05:50:05 -0400 (Tue, 01 Jul 2008)
New Revision: 690

Modified:
   trunk/java/org/apache/tomcat/util/http/ServerCookie.java
Log:
- Add more code to avoid quoting paths.

Modified: trunk/java/org/apache/tomcat/util/http/ServerCookie.java
===================================================================

--- trunk/java/org/apache/tomcat/util/http/ServerCookie.java	2008-06-30 17:38:13 UTC (rev
689)
+++ trunk/java/org/apache/tomcat/util/http/ServerCookie.java	2008-07-01 09:50:05 UTC (rev
690)
@@ -135,6 +135,7 @@
     
     private static final String tspecials = ",; ";
     private static final String tspecials2 = "()<>@,;:\\\"/[]?={}
\t";
+    private static final String tspecials2NoSlash = "()<>@,;:\\\"[]?={}
\t";
 
     /*
      * Tests a string and returns true if the string counts as a
@@ -146,6 +147,11 @@
      *              token; <code>false</code> if it is not
      */
     public static boolean isToken(String value) {
+        return isToken(value,null);
+    }
+    
+    public static boolean isToken(String value, String literals) {
+        String tspecials = (literals==null?ServerCookie.tspecials:literals);
         if( value==null) return true;
         int len = value.length();
 
@@ -172,8 +178,12 @@
         return false;
     }
 
+    public static boolean isToken2(String value) {
+        return isToken2(value,null);
+    }
 
-    public static boolean isToken2(String value) {
+    public static boolean isToken2(String value, String literals) {
+        String tspecials2 = (literals==null?ServerCookie.tspecials2:literals);
         if( value==null) return true;
         int len = value.length();
 
@@ -299,7 +309,11 @@
         // Path=path
         if (path!=null) {
             buf.append ("; Path=");
-            maybeQuote2(version, buf, path);
+            if (version==0) {
+                maybeQuote2(version, buf, path);
+            } else {
+                maybeQuote2(version, buf, path, ServerCookie.tspecials2NoSlash, false);
+            }
         }
 
         // Secure
@@ -341,6 +355,10 @@
     }
 
     public static int maybeQuote2 (int version, StringBuffer buf, String value, boolean
allowVersionSwitch) {
+        return maybeQuote2(version,buf,value,null,allowVersionSwitch);
+    }
+
+    public static int maybeQuote2 (int version, StringBuffer buf, String value, String
literals, boolean allowVersionSwitch) {
         if (value==null || value.length()==0) {
             buf.append("\"\"");
         }else if (containsCTL(value,version)) 
@@ -349,16 +367,16 @@
             buf.append('"');
             buf.append(escapeDoubleQuotes(value,1,value.length()-1));
             buf.append('"');
-        } else if (allowVersionSwitch && (!STRICT_SERVLET_COMPLIANCE) &&
version==0 && !isToken2(value)) {
+        } else if (allowVersionSwitch && (!STRICT_SERVLET_COMPLIANCE) &&
version==0 && !isToken2(value, literals)) {
             buf.append('"');
             buf.append(escapeDoubleQuotes(value,0,value.length()));
             buf.append('"');
             version = 1;
-        } else if (version==0 && !isToken(value)) {
+        } else if (version==0 && !isToken(value,literals)) {
             buf.append('"');
             buf.append(escapeDoubleQuotes(value,0,value.length()));
             buf.append('"');
-        } else if (version==1 && !isToken2(value)) {
+        } else if (version==1 && !isToken2(value,literals)) {
             buf.append('"');
             buf.append(escapeDoubleQuotes(value,0,value.length()));
             buf.append('"');
@@ -427,4 +445,3 @@
         bc.setEnd(dest);
     }
 }
-


    

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

JBossWeb SVN: r690 - trunk/java/org/apache/tomcat/util/http.