Author: remy.maucherat(a)jboss.com
Date: 2009-11-10 19:19:16 -0500 (Tue, 10 Nov 2009)
New Revision: 1261
Modified:
trunk/java/javax/servlet/http/Cookie.java
Log:
- Cookie update. Use the RI's system property.
Modified: trunk/java/javax/servlet/http/Cookie.java
===================================================================
--- trunk/java/javax/servlet/http/Cookie.java 2009-11-10 17:11:41 UTC (rev 1260)
+++ trunk/java/javax/servlet/http/Cookie.java 2009-11-11 00:19:16 UTC (rev 1261)
@@ -96,25 +96,25 @@
*/
public class Cookie implements Cloneable, Serializable {
- private static final long serialVersionUID = 4014436410614806011L;
+ private static final long serialVersionUID = -6454587001725327448L;
- public static final boolean STRICT =
- Boolean.valueOf(System.getProperty("Cookie.STRICT",
"false")).booleanValue();
+ private static final String TSPECIALS;
- private static final String tspecials;
- static {
- if (STRICT) {
- tspecials = "/()<>@,;:\\\"[]?={} \t";
- } else {
- tspecials = ",; ";
- }
- }
-
private static final String LSTRING_FILE =
"javax.servlet.http.LocalStrings";
private static ResourceBundle lStrings =
ResourceBundle.getBundle(LSTRING_FILE);
+
+ static {
+ if (Boolean.valueOf(System.getProperty(
+ "org.glassfish.web.rfc2109_cookie_names_enforced",
+ "true")).booleanValue()) {
+ TSPECIALS = "/()<>@,;:\\\"[]?={} \t";
+ } else {
+ TSPECIALS = ",; ";
+ }
+ }
//
// The value of the cookie itself.
@@ -139,11 +139,13 @@
/**
* Constructs a cookie with the specified name and value.
*
- * <p>The name must conform to RFC 2109. That means it can contain
- * only ASCII alphanumeric characters and cannot contain commas,
- * semicolons, or white space or begin with a $ character. The cookie's
- * name cannot be changed after creation.
+ * <p>The name must conform to RFC 2109. However, vendors may
+ * provide a configuration option that allows cookie names conforming
+ * to the original Netscape Cookie Specification to be accepted.
*
+ * <p>The name of a cookie cannot be changed once the cookie has
+ * been created.
+ *
* <p>The value can be anything the server chooses to send. Its
* value is probably of interest only to the server. The cookie's
* value can be changed after creation with the
@@ -446,7 +448,7 @@
int len = value.length();
for (int i = 0; i < len; i++) {
char c = value.charAt(i);
- if (c < 0x20 || c >= 0x7f || tspecials.indexOf(c) != -1) {
+ if (c < 0x20 || c >= 0x7f || TSPECIALS.indexOf(c) != -1) {
return false;
}
}
Show replies by date